On Thursday 01 Aug 2013 12:14:48 Matthew Toseland wrote: > On Thursday 01 Aug 2013 12:04:17 Matthew Toseland wrote: > > On Wednesday 31 Jul 2013 23:27:26 Steve Dougherty wrote: > > > On 07/31/2013 10:50 AM, Matthew Toseland wrote: > > > > On Wednesday 31 Jul 2013 00:01:05 Steve Dougherty wrote: > > > >> On 07/30/2013 05:45 PM, xor wrote: > > > >>> On Tuesday, July 30, 2013 02:38:28 PM Steve Dougherty wrote: > > > >>> [snip] > > > >>> How do you obtain the list of identities which you offer > > > >>> the user to chose from? You should use GetIdentitiesByScore with > > > >>> positive score filter (and context filter "Infocalypse", I think > > > >>> it supports that as well). Where do you present him with the > > > >>> list? Ideally, the UI which shows the list should pass through > > > >>> the ID so you don't have to filter by nickname. > > > >> > > > >> There is no list to choose from. The user types something like "hg > > > >> pull freenet:p0s/WoT" and Infocalypse resolves it to a URI (not > > > >> necessarily one in the same subspace) and fetches it. > > > > > > > > Okay. The difficulty here is that there might be more than one p0s. > > > > We should always use the p0s we used last time, for security's sake. > > > > This is probably part of the reason why e.g. git has a list of > > > > remotes for each repository. > > > > > > > > Maybe you should keep a list of aliases? Or boost an identity's trust > > > > when you pull from it? Really this should be WoT functionality. > > > > > > I don't see why this needs to be anything more complex than aborting > > > when an identifier used to look up an identity matches more than one > > > identity. One need only specify the entire identity ID, perhaps with > > > nickname for convenience, to always uniquely specify an identity. This > > > partial matching is only for convenience. > > > > That makes a DoS too easy, makes mistakes too easy, and generally sucks > > lemons for both security and usability. > > > > > > For local identities it should be really easy for someone to figure out > > > which one they mean because the search space is very limited, and they > > > created every identity in it. For remote identities it might involve > > > more investigation. > > > > > > I think that making sure the identifier refers to the identity they want > > > is the user's responsibility, not the software's responsibility. All the > > > software has to do is halt if the user is anything less than specific > > > enough to be exact. > > > > Git already HAS this functionality. A git repository has a list of remotes > > by nickname. Each remote corresponds to a specific external repository URL. > > That's all I'm asking for. > > > > > > The only possible problem I see with this is people pasting nicknames > > > with maliciously indistinguishable UTF-8 characters intended to > > > impersonate another identity. The solution to that is: "Type the > > > nickname yourself or check/include the identity ID." > > > > More dubious security issues for no reason. :( > > > > git remote add operhiem1 operhiem1/fred > > ^^^^^^^^ Look it up at *this* point > > Sorry, to clarify, the last part is a (git) url: > git remote add operhiem1 freenet:operhiem1/fred > > > git pull operhiem1 > > ^^^^^^^^ Use the full URL (public key / USK / WoT identity) that we added. > Then there is the broader question of whether we want a *global* persistent mapping from nick to USK. Which would certainly be useful for e.g. Freemail. That's the wider discussion.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
