From @jbenet on Thu Sep 17 2015 22:24:25 GMT+0000 (UTC)
> - If I publish content to my IPNS namespace, is that content globally viewable?
depends on the “routing system” your node is part of. by default ipfs nodes are part of a global, public DHT. you can build your own subnetworks, etc. and later on be able to use different routing systems.
- If so, does this mean I can’t store private data (think credit card numbers) within my namespace, or anywhere else on IPFS for that matter, unless it’s encrypted?
yes, keep sensitive data encrypted. we’ll have native support for this soon enough, just not there yet.
- Can someone explain how IPNS would be used to build a dynamic web application (assuming all user content needs to stay private)?
For private data, look into capabilities, in particular e-rights, tahoe LAFS, and so on. there are plenty of models available. we’ll implement one soon and have it be native, but not there yet.r ight now you need to do your own encryption.
For a better case, use IPNS to point to latest versions (think of it like a git branch, really) if you try to model how you would do it with git files, commits, and branches, you have a a very good working model of how to do it in ipfs. (thought you can do CRDTs for much better data).
- Wouldn’t a dynamic application necessitate giving both the user and the application itself read/write privileges to private user data?
depends on the application, and in those cases you can (a) scope access appropriately, (b) use capability models for this, and © use more advanced crypto primitives (like multisig) to require approval from multiple parties.
definitely if you want to build a completely distributed crypto-secure webapp with no central agent that processes things, you need to think about the update model. i encourage you to do this, it’s the right way to build distributed applications. however you can get started by translating webapps of today and only storing the data on ipfs, keeping the processing in one place. then, move to the distributed case.