couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <robert.new...@gmail.com>
Subject Re: Question about validator functions and replication
Date Tue, 29 Mar 2011 14:41:13 GMT
so presumably this just uses couchdb us a dumb store, since you won't
be able to compute views over this data?

B.

On 29 March 2011 14:19, Nebu Pookins <nebupookins@gmail.com> wrote:
> On Tue, Mar 29, 2011 at 8:54 AM, Robert Newson <robert.newson@gmail.com> wrote:
>> You can get read access control by separating each users documents
>> into a separate database.
>
> This solution gets tricky if there are "shared" documents, though.
> You'd basically need one database for each possible grouping of users.
> I.e. with N users, you'd need 2^N databases.
>
>> I'm curious to know where you store the encryption keys such that no
>> user can access the key of another user. Whatever you did to solve
>> that would seem to be sufficient to prevent the access you were
>> concerned about in the first place. Presumably there's also a
>> different key per user?
>
> You basically need to use public key encryption. Each user has their
> private key which they keep secret, and the public keys are accessible
> to everyone and probably stored in the DB itself (so that the DB
> software can also generate documents encrypted towards specific sets
> of users).
>
> - Nebu
>

Mime
View raw message