gpg: Signature made Mon Mar 3 22:35:55 2008 UTC using DSA key ID E43DA450
gpg: Good signature from "Matthew John Toseland <toad@amphibian.dyndns.org>"
On Monday 03 March 2008 17:20, Julien Cornuwel wrote:
> Matthew Toseland a écrit :
> > On Sunday 02 March 2008 21:40, Julien Cornuwel wrote:
> >> The client decides what to fetch with the informations given by the WoT
> >> plugin. It then asks it to the FMS plugin and it works as Martin
> >> described in another post.
> >>
> >> The only issue I see here is that we would have to create 2 SSKs per
> >> user : one for the WoT, one for FMS stuff (messages...).
> >
> > No, each user must have entirely separate publications. Otherwise an
attacker
> > can identify that two users share the same plugin / the same node.
>
> I don't understand your point. Of course each identity should have its
> own SSK for publications. What's the problem if the same plugin fetches
> messages for all its clients ?
"we would have to create 2 SSKs per user : one for the WoT, one for FMS stuff"
I misunderstood this. But it's unnecessary anyway, you can use the same SSK
and change the document name.
