Re: [Tails-dev] Tahoe-LAFS persistence

Delete this message

Reply to this message
Author: Zooko Wilcox-OHearn
Date:  
To: Greg Troxel
CC: tahoe-dev, The Tails public development discussion list
Subject: Re: [Tails-dev] Tahoe-LAFS persistence
On Sun, Jun 1, 2014 at 3:11 PM, Greg Troxel <gdt@???> wrote:
>
> This can be viewed as a bug in tahoe :-)
> But seriously, fixing the FUSE interface would be a great contribution.
> It's not clear to me how efficient the FUSE interface has to be before
> it isn't the limiting issue; tahoe is not a fast filesystem.


Like Leif mentioned in reply, there *is* the SFTPd that comes with
Tahoe-LAFS, and that is supported by the current Tahoe-LAFS core devs.
Like gdt, I also don't know whether its performance would satisfy for
this use case.


> Are you proposing to store the capabilities to access the persistent
> data on the local media (removable flash, I'm assuming)? I've come
> into this thread somewhat late, but the security and usability
> properties are not entirely clear to me.


This is a key question (so to speak). How is the cap stored? The cap
is basically just the encryption key plus the URL to reach the remote
server. (The remote server stores only ciphertext, remember.) So, the
cap needs to be protected exactly like a symmetric encryption key
needs to be protected: if it is copied, the copier can read your
files, and if it is lost, then *you* can never again read your files.

I usually advise people to print the cap out on paper.


> (resident old-school unix crank on the tahoe list)


We love you, gdt. Never change.


Regards,

Zooko Wilcox-O'Hearn

Founder, CEO, and Customer Support Rep
https://LeastAuthority.com
Freedom matters.