Sharing and archiving data sets with Dat

Posted Aug 28, 2018 3:05 UTC (Tue) by ianmcc (subscriber, #88379)
Parent article: Sharing and archiving data sets with Dat

The article gives an example of getting data via a dat://<key> URL, where <key> is a ed25519 public key. But later it days that the public key is supposed to remain secure and peers use only the 'discovery key', obtained from hashing the ed25519 key. Can someone clarify which key appears in a dat:// url?

Sharing and archiving data sets with Dat

Posted Aug 28, 2018 3:18 UTC (Tue) by bnewbold (subscriber, #72587) [Link] (1 responses)

The key in the URL is the "public key", which generally grants read access to the contents of the archive in question. The "discovery key" is usually never seen by humans.

There are a lot of use cases for dat archives. If you are sharing data with one or a small number of peers, you keep the URL secure and send it out of band to only your intended recipients. Note that any recipient can share the key on to whoever they want. If you're publishing data publicly, obviously you want to spread that `dat://` URL around liberally, not keep it secure.

Sharing and archiving data sets with Dat

Posted Aug 28, 2018 8:22 UTC (Tue) by epa (subscriber, #39769) [Link]

I thought that any kind of "security" based on keeping a URL secret was flawed. The URL mechanism, and most software, is designed with the assumption that the URL is a public identifier and access control is done with other mechanisms, not by whether you know the URL or not. It gets included in referrer logs, for example. Tim B-L outlined these principles in 1997 (and even back then they were just codifying existing practice): https://www.w3.org/DesignIssues/LinkMyths.html

It could be that Dat is quite different in its approach and takes care not to leak the address of a resource, since knowledge of the address acts as access control. But in that case it shouldn't be called a URL.