[Ndn-interest] repo-ng and least-authority storage
cds at corbinsimpson.com
Tue Jun 27 19:37:27 PDT 2017
I want to know if the following security design is provider-independent; that is, whether it still holds even if I don't trust the NDN nodes running repo-ng.
To make a cap for a file, generate a secret key and nonce, use libsodium to put the file in a box with the key and nonce, and finally, insert the box in a repo with a random name. The name, key, and nonce form a capability for the file; the capability is necessary and sufficient for file retrieval.
This is a lot less work than Tahoe-LAFS has to put in! Would it really work?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ndn-interest