Last Call Review of draft-ietf-decade-survey-
I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG. Document editors and WG chairs should treat these comments just
like any other last call comments.
This is a survey of existing systems and as such does not require a security considerations as there is nothing to build.
However, the draft does analyze the security of the existing schemes and as such seems to be looking at this from the point of view of how the systems implement existing security schemes appropriate for file stores. I don't think this is sufficient or particularly useful.
I can see outsourced storage being used in various ways:
1) As a filestore replacement
2) As an emergency backup.
3) As a latency reducer
Lets leave 3 to one side for a moment.
Support for ACLs and such is only really relevant for 1. Local storage is cheap though and my main interest is actually 2 more than 1. A system with no security is fine with me as I can layer whatever security I need on with cryptography.
The security problem as I see it then is to do with how the customer and outsourcer interact and issues of the form
Customer: Those aren't my bits you gave me!
Outsourcer: Oh yes they are!
Lawyer1: Prove it!
Lawyer 2: Prove it!
See where this is headed?
Case 3 has an even more tenuous connection between the provider, consumer and storage provider. Do we even have a commitment to support storage of anyone's bits? What are the liabilities if corruption ensues?