On Sat, Apr 14, 2001 at 08:10:05PM +0100, Michael Rogers wrote:
> On Tue, Apr 10, 2001 at 11:00:06PM -0500, Brandon wrote:
> > No, most files are under CHKs. So if you request the information and then
> > bookmark in some hypothetical bookmarking system (perhaps you write down
> > the key on a post-it note) then you can bookmark the CHK.
>
> As a clueless user, would you write down the CHK or the KSK? Or are you
> only expecting Freenet to be used by the half-dozen people who understand
> how it works?
>
> > So once you've retrieved it, it can't be spoofed the second time. Also,
> > anything published by a known publisher or as part of a Freenet site can
> > use an SSK and therefore can't be spoofed.
>
> But the front page of the site will probably use a KSK, so the whole site
> can be made unavailable by spoofing one KSK. And if it's unavailable to
> most users, it will probably fall out of Freenet.
Not if we make fproxy update the URL by using HTTP 301 Permanently Moved.
Then, if you bookmark the site or copy the URL from the location bar, it will
be the CORRECT version.
>
> > KSKs are useful for precisely one thing, which is giving an easy to
> > remember and type name to a file. You shouldn't trust that the name of a
> > file actually describes what's in the file.
>
> KSKs are not file names, they're URLs. I bet 99% of users assume that if
> their friend gives them a URL, it points to the file their friend intended
> them to see.
>
> > KSKs are very useful. If you're got IMPORTANT data then you should use
> > something more secure. No one really cares if [EMAIL PROTECTED] or
> > [EMAIL PROTECTED] gets replaced with something else.
>
> So how are they useful? They provide easy-to-remember names for data that
> nobody cares about? Isn't that why we have goatse.cx?
freegle and SSKs make KSKs rather less necessary hopefully.
>
> > I also often use KSKs to share files with people. I can say "The key is
> > picture-for-margaret.jpg." No one is going to attack this because this
> > key isn't indexed.
>
> If you have a secure channel for communicating with Margaret, why not
> send the picture that way? If you don't, what's to stop an eavesdropper
> from replacing picture-for-margaret.jpg with dvda.jpg, ruining (well,
> definitely altering) your friendship with Margaret?
>
> Michael
--
The road to Tycho is paved with good intentions
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/devl
