From 4fcaf6108dfc6248cd0d598dcc763585a8343033 Mon Sep 17 00:00:00 2001 From: "Alex A. Naanou" Date: Sat, 16 Apr 2022 10:53:41 +0300 Subject: [PATCH] notes... Signed-off-by: Alex A. Naanou --- pwiki2.js | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/pwiki2.js b/pwiki2.js index e5980e7..bc37946 100755 --- a/pwiki2.js +++ b/pwiki2.js @@ -1,6 +1,19 @@ /********************************************************************** * * +* XXX might be a good idea to try signature based security: +* - sign changes +* - sign sync session +* - refuse changes with wrong signatures +* - public keys available on client and on server +* - check signatures localy +* - check signatures remotely +* - private key available only with author +* - keep both the last signed and superceding unsigned version +* - on sync ask to overwrite unsigned with signed +* - check if we can use the same mechanics as ssh... +* - in this view a user in the system is simply a set of keys and +* a signature (a page =)) * **********************************************************************/ ((typeof define)[0]=='u'?function(f){module.exports=f(require)}:define)