[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Sks-devel] Stats page availability
|
From: |
Phil Pennock |
|
Subject: |
[Sks-devel] Stats page availability |
|
Date: |
Mon, 27 Oct 2008 23:18:12 -0700 |
Hi,
I was slightly surprised to find the stats web-page served up by sks;
much of it isn't sensitive, but I'm a little reluctant to have listed
the version and the Gossip Peers; as far as I can see from reading the
source there are no access controls or knobs to filter this.
Is the peer list something which the distribution protocol would make
available anyway, so that I'd just be fooling myself by limiting its
visibility?
Is there a philosophical view that this data should always be exposed?
I know that restricting the version visibility only helps by obscurity
if I'm lagging behind on upgrade when there's a security-critical
update, but still, who needs to see it? Or is the idea that your peers
should always be able to see? Since the trust is inherent in the data,
rather than the protocols or servers, I'm not seeing that it's necessary
to expose it to peers but perhaps I'm just being asocial.
Clue welcomed.
Thanks,
-Phil
pgpcrRN4GxMMY.pgp
Description: PGP signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Sks-devel] Stats page availability,
Phil Pennock <=