[cap-talk] Webkeys vs. the web
zooko
zooko at zooko.com
Tue Mar 24 12:01:32 EDT 2009
allmydata.com operates a standard web site, where users register by
giving their e-mail address and choosing a password, and giving their
credit card information.
It has an "I forgot my password" function, and a login/logout, and so
on, just like every other web site in the world.
I'm not sure whether allmydata.com customers are aware that what they
get from logging in is a copy of their root cap, but I assume that if
they became aware of that fact then the allmydata.com web masters
would consider this to be a UI flaw and would fix it.
I would assume that the allmydata.com web ui is approximately as
susceptible to click-jacking and other attacks as the average web
site is.
By the way, an ongoing long-term goal for Tahoe, and also for
allmydata.com, is to invent a way for customers to engage in a ritual
like this and recover their root cap (even if their computer has
fallen over, caught fire and sunk into a swamp) while *preventing*
allmydata.com from being able to get access to the customer's root
cap. That is a difficult and interesting problem.
Regards,
Zooko
P.S. Oh, I have an idea -- want to see how it works? Then just go
to http://allmydata.com and sign up! There is no charge for the 30-
day free trial. :-)
More information about the cap-talk
mailing list