Not Really Single Secure Key


weelcoyote

Recommended Posts

Hy,
First, thank you for this software

 

Sorry and believe my english at first time, I'll try to explain.

 

If I share a unique key reading (one click with or without validation authorization) by email or link, the client connects to the share.
By cons, if he clicks preferences and clicks see the key, he can then share it with anyone without the need for validation.
I hope to be clear enough.
Visible key is inserted directly by preferences, enter a key.

Thank you for your help

 

In French if you need

 

Si je partage une clef unique de lecture (un clic avec ou sans autorisation de validation) par mail ou lien, le client se connecte au partage.
Par contre, si il clique sur préférences et clique sur voir la clef, il peut ensuite partager celle-ci avec n'importe qui sans besoin de validation.
J'espère être assez clair.
La clef visible est directement insérable par : préférences, entrez une clef.

Merci pour votre aide.

Link to post
Share on other sites

This is more or less how btsync is intended to work.  One-time keys/links are meant more for security during transmission (from people eavesdropping on the line), rather than ongoing security.

BTSync doesn't have a client-server configuration (where the owner can change/revoke access), it has a peer-peer configuration (where all peers are all equally trusted and have equal access to their respective read-only or read-write keys, with the exception that read-only peers cannot see the read-write keys).

Link to post
Share on other sites

The key with a single use prevents the key from being intercepted and used.  Its purpose is secure transmission, not security from the recipient. 

 

Once the recipient installs the key (or uses the link), they are granted equal status with any other peer with their same access. In other words, a read-only peer who is given a one-time-use link ends up the same as any other read-only peer once the link has been used, and can access all the files and keys of its privilege level. If you are giving the key to an untrusted peer, this does mean that they could share the key further if they want (though only the read-only key if they do not have read-write access).

 

There are only two levels of access - read-only and read-write.  

The only way to remove access for one specific user is to change the keys on the other computers manually.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.