Tyler Close wrote to me privately. I'm taking the liberty of replying publicly. I hope that's all right.
On Dec 2, 2008, at 14:31 PM, Tyler Close wrote: > Could you provide links to Nathan and Collin's arguments? http://allmydata.org/pipermail/tahoe-dev/2008-February/000404.html http://allmydata.org/pipermail/tahoe-dev/2008-November/000865.html > The printing argument doesn't seem so obvious to me. I think having > the cap on the printout is a good thing, assuming it's the cap for > the read-only facet of the file. Well, the most common caps in tahoe currently are caps to immutable files (so of course the caps provide read-only access). But it is possible that someone could view a read-write cap to a file, or a read-only cap to a mutable file or directory, and then print it. If the cap is printed onto the page (in the URL), then the user might be surprised that they were giving more authority to someone than they intended, when giving them a printout. A printout is typically assumed to convey only read authority to that particular fixed representation of the data, doesn't it? ;-) On the other hand, I like it when a printout has a URL on it where I can read new versions of the same document. I wonder if those browsers that print out the URL in the footer would include a URL fragment? Hey, I have Firefox-3 here -- I can try it: http://allmydata.org/~zooko/testwikiprintout.pdf The answer is that Firefox-3.0.4 on Mac doesn't add any such footer. Kind of unfortunate -- since the URL in question is the read-only cap to the current version of my blog (i.e., conveying exactly the same authority that a normal URL does), and I would like that to be appended. Oh, I see you can configure Firefox-3 to do this -- on Mac OS X it is in the print dialog under a tab named "firefox". Here is the result: http://allmydata.org/~zooko/testwikiprintout-with-URL-footer.pdf Too bad! Tahoe's caps are too long to print in a footer. At the moment I'm not too worried about the URLs-in-footers issue. I await more specific security arguments (ideally actual demos/ exploits) which can guide us to improve the way Tahoe uses caps on the web. Regards, Zooko _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
