From 01d62ab01c90448452457c1bd22142a6976da4fa Mon Sep 17 00:00:00 2001
From: zooko <>
Date: Mon, 15 Oct 2007 22:20:03 +0000
Subject: [PATCH] more Security Considerations

[Imported from Trac: page Security, version 2]
---
 Security.md | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/Security.md b/Security.md
index 67d4ab6..b8cfcb9 100644
--- a/Security.md
+++ b/Security.md
@@ -2,6 +2,12 @@
 
 This page exists so that there is one page to read to learn about the security guarantees that Tahoe is designed to provide, as well as about any current known issues that might have security consequences.
 
-Except that this page isn't here yet.  I (Zooko) intend to set it up today (2007-10-15), as part of the v0.6.1 release.
+# The Distributed Filesystem
 
-Be right back...
\ No newline at end of file
+## Access Control
+
+The Tahoe distributed filesystem is composed of files and directories.  Each file has a unique and unguessable identifier, called a "CHK-URI".  Possession of this identifier is necessary and sufficient to download, reconstruct, decrypt, and verify the integrity of the file.  If a person is not given the CHK-URI, then they cannot see the 
+
+## Traffic Analysis
+
+*To be filled in.*  Traffic analysis is subtle and powerful.  For the moment, assume that if someone wants to, they can learn everything about your every act, including when were, and which file, by its unique identifier and its length *except* that they can't learn the actual contents of the files, except that if the file happens to be a file whose contents they already know then they can.  Make sense?  I'll come back later.