North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: cleaning up MIME external-body attachments....
On Sat, 26 May 2001 13:15:29 EDT, Greg A. Woods said: > The space occupied on the HTTP (or FTP) server isn't "spool space". > It's already destined as "archive space" (many ISPs don't even back it > up and state flatly that it's the user's responsibiilty to keep archive > copies in case of disaster or whatever). OK. So the thing lives in /tempurls instead of /var/spool. The point was that quantity X of disk was going to be needed for at least a week or to, instead of probably just a few minutes. You get 100K customers all using several X of disk for a week instead of a few minutes, you better be planning on more disk.. > Of course an ISP might provide a few GB of cheap disk for "temp" URLs in > people's home pages that'd get cleaned up automaticaly after a few > days/weeks/whatever of inactivity. (http://my.isp/~me/temp/ is a > symlink/alias/whatever created by the ISP into this temp space) My point was that you may need more than just a few GB of cheap disk for this. > Don't you know how to encrypt files? Hopefully any confidential e-mail > message you send is encrypted so why wouldn't you encrypt the > external-body content with the very same key before uploading it to a > public server? Hmm.. OK.. so I can either use a symmetric key scheme and figure out how to distribute 25 copies of the key for this file, or I use public key scheme and encrypt each one to the recipient's public key (and park 25 seperate copies on the server, aggrivating the problem I mentioned above). Did I mention that: a) PKI is still a pipe dream b) I'm *well* aware of how to encrypt files - I'm the guy who is continually being asked what the <bleep> an application/pgp-signature is. c) this infrastructure is getting more and more complicated.. ;) As I said - I'm glad the draft wasn't proprietary information. > > I'm pretty sure that > > I'd hit any number of snags and screw-up trying to put a .htaccess > > restriction that actually worked.... > > You certainly would not want to do anything so complex and pointless. Especially not when just PGP'ing the mail and sending it already does all the necessary securing of the infrastructure.... -- Valdis Kletnieks Operating Systems Analyst Virginia Tech