On Sat, Feb 24, 2001 at 09:10:37PM +0000, Theodore Hong wrote: > I've just been reading the OceanStore paper, which I highly recommend to > everyone -- http://oceanstore.cs.berkeley.edu/ -- they've got a whole lot > of great ideas. interestingly, their naming scheme seems to be exactly > like ours: SVKs, CHKS, and redirects, although of course they don't call > them that. > > Anyway, they control permissions for updates by associating to each file a > certificate signed by the owner saying "use access control list X" for this > object, where X can be some default setting or another file. An entry in > an ACL consists of a granted permission level plus the grantee's public > key. > > This seems like a more flexible idea that our current owner-signs-update > model. To create a publically-writeable subspace, for example, insert a > special file named ACL which says that anyone can create a new file but not > overwrite an existing one. This gets around the cryptographic weakness of > using a private key as the SVK key, and prevents people from overwriting > each other. The downside is that you'd have to retrieve the ACL each time > you wanted to verify a file. You still have the problem of locating the ACL. If it doesnt exist, what happens? Also, this assumes that all servers processing the request must have the ACL as well, which means each needs to spawn a request for it.
-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20010226/c10512e4/attachment.pgp>
