From: Gordon Mohr (gojomo@usa.net)
Date: Sat Dec 30 2000 - 15:50:08 PST
I'd like to have a personal weblog and/or wiki: a hypertext
space, accessible from anywhere, than easily captures, orders,
and crosslinks all sorts of notes, thoughts, and compositions.
However, rather than publishing the content to the world, I'd
like it to be accessible only to me. In fact, I'd like extreme,
even unreasonable privacy -- such that I could casually store
every password I've ever used in the system, or write text
without any concern whatsoever that others would someday
read it.
More specifically, I'd expect strong protection against network
and (remote and local) filesystem eavesdropping, but could accept
vulnerability to devices or software which watch local keystrokes,
RAM, or screen-contents.
Anyone know if something like this exists?
--The first architecture that occurred to me for implementing such a system would be:
(1) A web-browser which makes an SSL connection to... (2) A local micro-web-server, which: - prompts for the system secret/key - runs the wiki/weblog software but... - encrypts all persistent data before handing it off to... (3) An not-particularly trusted remote web-server, running appropriate archive/retrieval software
You would have to download and run the micro-web-server to a machine before accessing the private area from that machine. The data on the remote server could be sabotaged, but it would then fail local consistency checks.
Properly-behaving browsers never filesystem-cache content that comes over SSL connections, right?
Does this description and architecture for an ultraprivate web space strike FoRKers as possible? Practical? Paranoid? Promising?
- Gordon
This archive was generated by hypermail 2b29 : Sat Dec 30 2000 - 15:54:38 PST