On Wed, May 30, 2001 at 02:09:59PM +1200, David McNab wrote: > > BUT, the MSK at SSK@... is *not* spoofable. KSK at blah is spoofable. > > FreeWeb > > allow MSK at SSK@... - it looks up the KSK every time to avoid nasty long > > URLs. Freenet is secure if you use MSK at SSK@ > > Again... <groan>... FreeWeb publishes and maintains totally secure sites in > the standard freenet:MSK at SSK@alphabetsoup/subkey// format! > Referencing them via insecure hyperlinks is only an option. > omigod :(
I think people understand this, or at least, I do. The fear is that where protocols are concerned, too many options can be a bad thing. The mere ability to deal with www.xxx.free style domains will encourage people to use them, but those people will encounter the problems you mention. I think that with a system like Freenet, where security and anonymity are such strong selling points, providing an insecure option to a potentially uninformed user is actually doing them a disservice. Ian. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20010529/1747a5ee/attachment.pgp>
