Bug#730439: ITP: ori -- a secure distributed file system
Sure; I just copied the tagline from the website. The basic security
guarantees Ori gives is that all of the files that are replicated are
cryptographically hashed with SHA-256, so if a node knows the hash of a
file, it can verify that it actually got the file after doing some sort
of fetch. (Just like Git.) That's not so easy to put in the tagline.
Perhaps:
Description : a distributed file system inspired by version control systems
Edward
Excerpts from intrigeri's message of 2013-11-25 01:35:35 -0800:
> Hi,
>
> > Description : a secure distributed file system
>
> I find it always scary to see people advertise some software as
> "secure", especially without specifying what threat model it is about.
> Security is not a boolean, and something that's secure in a given
> threat model may be totally unsafe in another one.
>
> Perhaps the package description could be a bit more humble on this
> side, and instead of "secure", express in a few words the kind of
> security that is offered?
>
> Cheers,
Reply to: