[cap-talk] Webkeys vs. the web

zooko zooko at zooko.com
Tue Mar 24 12:01:32 EDT 2009


allmydata.com operates a standard web site, where users register by  
giving their e-mail address and choosing a password, and giving their  
credit card information.

It has an "I forgot my password" function, and a login/logout, and so  
on, just like every other web site in the world.

I'm not sure whether allmydata.com customers are aware that what they  
get from logging in is a copy of their root cap, but I assume that if  
they became aware of that fact then the allmydata.com web masters  
would consider this to be a UI flaw and would fix it.

I would assume that the allmydata.com web ui is approximately as  
susceptible to click-jacking and other attacks as the average web  
site is.

By the way, an ongoing long-term goal for Tahoe, and also for  
allmydata.com, is to invent a way for customers to engage in a ritual  
like this and recover their root cap (even if their computer has  
fallen over, caught fire and sunk into a swamp) while *preventing*  
allmydata.com from being able to get access to the customer's root  
cap.  That is a difficult and interesting problem.

Regards,

Zooko

P.S.  Oh, I have an idea -- want to see how it works?  Then just go  
to http://allmydata.com and sign up!  There is no charge for the 30- 
day free trial.  :-)


More information about the cap-talk mailing list