The-Encryption-Compendium / TECv2

Hugo-based version of The Encryption Compendium.
https://encryptioncompendium.org
GNU General Public License v3.0
4 stars 1 forks source link

Client-side research assistant #51

Open kernelmethod opened 3 years ago

kernelmethod commented 3 years ago

Forked off of #43 -- it'd be incredibly useful if there was some kind of client-side research assistant that users could have to assist them with doing research in the compendium. Some potential ideas for features we could add are

Adding all of this functionality is slightly complicated by the fact that the current side is served entirely statically; we can't store any of this in a database on the server-side. This isn't necessarily bad -- if we did this server-side, we'd need to have some type of user authentication, which carries security implications that we don't currently have to worry about. And considering the subject matter, I think it's probably preferable to do as much stuff on the client side as possible.

@dkg's idea to store the user profile in their cookies and allow them to export it to a file is likely the right way to go. We would just need to make sure that users are aware that they can potentially lose their data (e.g. after rebooting their machine) if they don't export their profile regularly.

To start on this issue, I think we'd want to create a fairly bare-bones client-side tool with the minimum acceptable level of functionality. After that, we can focus on adding more features to the tool over time.

kernelmethod commented 3 years ago

I'll definitely need to bone up on my Javascript / front-end development skills for this one :)

dkg commented 3 years ago

I like these ideas! in addition to dealing with user authentication, some of the parts that propose changes to the canonical site itself will probably also involve some thinking about dealing with spam/flooding. it's a tedious part of any process that accepts public comments. (you could avoid user authentication and just offer anonymous submissions, but that might exacerbate the risk of spam/abuse too.

kernelmethod commented 3 years ago

Agreed! Amie has a lot of thoughts about this too. I think the initial plan would be to limit the ability to suggest new compendium entries to just trusted folks already working on the project, and we'd work from there to come up with a strategy to open up entry suggestions to more people over time.