move item from TODO to doc/todo and reply

1 files changed, 20 insertions, 0 deletions

diff --git a/doc/todo/Make_the_number_of_shard_servers_configurable/comment_1_4416f7495e2a34a3cdb6f5106beaf582._comment b/doc/todo/Make_the_number_of_shard_servers_configurable/comment_1_4416f7495e2a34a3cdb6f5106beaf582._comment
new file mode 100644
index 0000000..1a2871f
--- /dev/null
+++ b/doc/todo/Make_the_number_of_shard_servers_configurable/comment_1_4416f7495e2a34a3cdb6f5106beaf582._comment
@@ -0,0 +1,20 @@
+[[!comment format=mdwn
+ username="joey"
+ subject="""comment 1"""
+ date="2017-04-04T16:19:10Z"
+ content="""
+You can use --totalshares and --neededshares to configure how many shares
+keysafe splits the key into. See also
+[[detect_number_of_required_shares_on_restore]].
+
+Bear in mind that colluding servers still have to guess the name used to
+find the shares to combine, and even then they still have the expensive
+work of cracking the password ahead. Splitting the secret across servers is
+only an initial line of defense.
+
+It's debatable whether having a lot of servers would add much security.
+
+But, keysafe needs more servers in any case. With more than 3 servers,
+splits like 3-of-4 and 2-of-4 become usable; these and other parameters are
+probably useful in some cases.
+"""]]