making remote git storage work [was Re: Subsurface ans Dropbox]

Fri May 29 08:24:04 PDT 2015

On 29 May 2015 at 14:23, Dirk Hohndel <dirk at hohndel.org> wrote:

> On Fri, May 29, 2015 at 08:13:44AM +0100, Long, Martin wrote:
> > A little feedback:
> >
> > Advanced mode - I'd most likely use this. I think this is quite
> important,
> > and opens up the possibility or using Github, Bitbucket, or privately
> > hosted git repos.
> >
> > You keep saying "PIN". Could that actually be any passphrase? i.e. why
> > limit it to numbers, or limit the length? I'd typically use a random
> string
> > generated by Lastpass.
>
> I say "PIN" because I want it to sound easy to users.
> This /IS/ the private key passphrase.
>
> > How about https with auth? I know it's not intended for use in a
> corporate
> > environment, but some people could have trouble with SSH through
> firewalls.
>
> Because Subsurface clearly is something that people are running in their
> corporate environment.
>
> My goal is to implement something that will work for most people in a
> typical scenario. Https means I need to get yet another random number that
> I pay a lot of money for. On top of the server that I pay for. The
> bandwidth that I pay for. And in the case of this remote storage idea, I
> guess the storage I pay for.
>
> If you would like to contribute the code that makes this work seamlessly
> with https on github, be my guess, your contributions will be gladly
> accepted.
>
> If I can get this to work with ssh and my infrastructure I'll be thrilled
> and I'll call it a major new feature in 4.5
>
> > Also, wouldn't this be a simpler option than downloading and decrypting
> > keys (which seems to somewhat defeat the purpose of using PKI in the
> first
> > place, as it has essentially become username/password auth).
>
> I repeat. Goal #1 is to make this trivially easy for users. Anyone who
> cares about security, privacy, PKI, whatever, please don't use this.
>
> Any project that tells the average diver "create an ssh key pair, create a
> github account, install your public key on github, select your private key
> in Subsurface, add your github account information and look how easy it is
> to use this" is seriously confused.
>
> Have you looked at the level of questions we are getting from users?
>
> /D
>

I didn't want to come across as hostile. I know I haven't contributed a LOT
to the project like some others. Unfortunately, although I'm a developer,
C/C++ are not strengths of mine, so contributing code is difficult, but I
was just offering a contribution in the form of some feedback from my
perspective.

You can get FREE SSL certificates, which are accepted by all of the major
browsers, from StartSSL. They do simple verification using email, and you
can get them straight away. I use them all the time. It's secure, but they
just don't offer the monetary guarantees that the big providers offer,
making it unsuitable for ecommerce.

I quite understand that we need to keep this simple for the user, and hence
my suggestion to use https.I thought it would be simpler to do this using
http/https than it would using a convoluted method of fetching and
decrypting a key using a REST api, especially when the result is ultimately
the same - login using a username/password. I don't think at any point did
I suggest that [non-advance] users should be creating SSH keys, rather that
we ought to consider user/password security over http as a better fit
implementation for that use case.

Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.subsurface-divelog.org/pipermail/subsurface/attachments/20150529/7071c9f1/attachment-0001.html>