Added a comment: verifying and external backends

2019-06-28 17:14:18 +00:00 · 2019-06-28 17:14:18 +00:00 · 607bb3c208
commit 607bb3c208
parent 3388722110
1 changed files with 8 additions and 0 deletions
--- a/doc/todo/external_backends/comment_7_090e62b5d37beb5d62d56cfb3b1e2134._comment
+++ b/doc/todo/external_backends/comment_7_090e62b5d37beb5d62d56cfb3b1e2134._comment
@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="Ilya_Shlyakhter"
+ avatar="http://cdn.libravatar.org/avatar/1647044369aa7747829c38b9dcc84df0"
+ subject="verifying and external backends"
+ date="2019-06-28T17:14:17Z"
+ content="""
+In fact, it seems you'd _always_ have to treat external-backend keys as unverified by default, and require explicit configuration to override that?  Even if an external backend claims to compute a cryptographically secure hash, you can't guarantee that it does.  It seems that the handling should be exactly as for URL/WORM keys, except that, instead of completely disabling verification with `annex.security.allow-unverified-downloads`, the user could enable verification by an external backend implementation which the user trusts.
+"""]]