As part of twederation I would like to be able to have some sort of access control to wiki contents. I am still thinking about how to do this and I hope that someone here has some experience with these things and can at least tell me if this would be possible. Any thoughts or suggestions on this or alternate implementations are always welcome.
My current not very developed idea: In a trustless environment without persistent storage for a reader (ie a publicly hosted tiddlywiki being read by someone without write access) some sort of cryptography is the only real way to selectively make parts of the wiki accessible. Tiddlywiki already has sjcl.js as part of the core and my brief skimming of the documentation suggests that we can use elliptic curve cryptography. For the twederation experiments me and Mat have been working on part of connecting two wikis involves exchanging twCards which could easily contain a public key for private communication. So if I wanted to send a message to Mat that no one else could read I could just use his public key. The biggest problem I see is local private key storage. This wouldn't be a huge problem if you are using a single computer all the time and have a password manager, but if you are using multiple devices there will probably be some usability concerns. I have read a tiny bit about processes for taking a password and generating a private key from it, but I am not sure how much they would apply in this context since everything about how the password is converted to the private key would be on the wiki and therefore assumed to be publicly viewable. I don't know specifics of how this works so at the moment it is just brainstorming. I know that from a strict security perspective this would be difficult to make secure, but for the current purposes of twederation I don't think we need an actually secure setup, just enough that it would take real effort to break the encryption. Hopefully we would be able to make it secure, but that isn't a high priority for me at the moment. My idea for how to encrypt a single message for multiple recipients would be to define groups of people and send everyone in the group the same key (in this case probably a symmetric key for simplicity) in a message encrypted using their public key. Then each person could decrypt the message and have access to this key which you could reuse to send to the entire group and have everyone able to decrypt the message without requiring individual things saved on your wiki for each message. Someone would also have to create a widget that would decrypt the and display the messages in a way that doesn't affect the tiddler store so that the decrypted versions wouldn't be saved accidentally after viewing. I don't think that this would be too difficult, but depending on how much processing is required it may slow down the wiki. NB: Almost all of the complaints I have seen about js-based encryption are based on client-server models and communicating keys. I am currently considering only the html wiki in the browser which avoids that problem completely. This doesn't mean that there aren't concerns but the generic 'javascript cryptography is bad' arguments may not be relevant to this situation. It doesn't look like the ecc part of sjcl.js is included in the tiddlywiki core but since it is so small when minified it could probably be included as a plugin without problems. -- You received this message because you are subscribed to the Google Groups "TiddlyWikiDev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/tiddlywikidev. To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywikidev/71a8ffd0-f1fc-4387-ae35-402362abbeec%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
