On Fri, Dec 29, 2000 at 04:03:13AM -0600, Mark J. Roberts wrote:
> On Thu, 28 Dec 2000, Oskar Sandberg wrote:
< > 
> > How to validate something the first time is obviously not a problem that
> > can be solved in band. However, by putting all relevant data under secure
> > keys you can be sure that a) you can safely return to a document where you
> > had been before b) you can safely link to a document and be sure that
> > people following the link will end up where you want them.
> 
> Embedded KSK links should be deprecated, if they aren't already. And
> nothing (especially important data like mapfiles) should never be directly
> under a KSK. I agree.

Good, then we don't need to argue further.

< > 
> > This is essential. You can have simple keys, but it is extremely important
> > that the essential data itself is under a secure key. And making sure of
> > this will not complicate things for the user, it will only make the
> > programming a little more difficult for us.
> 
> This is an issue on the insert side. Is anyone going to try to defeat
> InsertClient and insert directly into a KSK? And if they do, what should
> our response be when we request it? Complete rejection of the data or
> merely a warning with an override?

Obviously we can't stop people from doing it incorrectly, but we do have a
lot of influence over how it is done. Having the request client reject
such data completely is probably excessive though.

> 
> 
> -- 
> Mark Roberts
> [EMAIL PROTECTED]
> 
> 
> _______________________________________________
> Freenet-dev mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev

-- 
'DeCSS would be fine. Where is it?'
'Here,' Montag touched his head.
'Ah,' Granger smiled and nodded.

Oskar Sandberg
[EMAIL PROTECTED]

_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev

Reply via email to