From 92d37629b33c3adf1b6c56b3ed8efcc7f338a0c2 Mon Sep 17 00:00:00 2001
From: dvicory <dvicory@web>
Date: Tue, 28 Feb 2017 20:30:31 +0000
Subject: Added a comment: Security of P2P repo is unclear

---
 .../comment_1_72d4ea5ffa23f5048c453c2e7510e2f0._comment      | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 doc/tips/peer_to_peer_network_with_tor/comment_1_72d4ea5ffa23f5048c453c2e7510e2f0._comment

diff --git a/doc/tips/peer_to_peer_network_with_tor/comment_1_72d4ea5ffa23f5048c453c2e7510e2f0._comment b/doc/tips/peer_to_peer_network_with_tor/comment_1_72d4ea5ffa23f5048c453c2e7510e2f0._comment
new file mode 100644
index 000000000..a3cfa01b4
--- /dev/null
+++ b/doc/tips/peer_to_peer_network_with_tor/comment_1_72d4ea5ffa23f5048c453c2e7510e2f0._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="dvicory"
+ avatar="http://cdn.libravatar.org/avatar/9e4b9df55a9c1440101dc66aa0a6b62d"
+ subject="Security of P2P repo is unclear"
+ date="2017-02-28T20:30:30Z"
+ content="""
+In the security section, you say that
+
+> Anyone who learns the address of a peer can connect to that peer, download the whole history of the git repository, and any available annexed files. They can also upload new files to the peer, and even remove annexed files from the peer. So consider ways that the address of a peer might be exposed.
+
+Do you mean the addresses from `git annex peer --gen-addresses` here? Say, if someone has only my onion service address, and none of the authentication data that is normally placed in `.git/annex/creds/`, what can they do with my git repository? I think I might be confused by the use of \"address\" because of onion addresses, which are not private.
+"""]]
-- 
cgit v1.2.3