commit 8a27f027a2ffe42b1ebb4c29aae1dccdcf362cf9
parent 8b22295caa04e8126503ec74fa3564cf9ea13d89
Author: Christian Grothoff <christian@grothoff.org>
Date: Fri, 19 Jun 2020 12:13:11 +0200
clarify CodeBlau op sec question
Diffstat:
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/taler-auditor-manual.rst b/taler-auditor-manual.rst
@@ -59,7 +59,11 @@ to other parties.
To perform this duty, you will need at least (read-only) access to the bank
transactions of the exchange, as well as a continuously synchronized replica
-of the exchange's database.
+of the exchange's database. The general assumption for running the auditor
+is that this is done on a separate system controlled by the auditor. After
+all, the goal is to detect nerfarious activity of the exchange operator,
+which cannot be effectively done on a machine controlled by the exchange
+operator.
For this, every auditor needs to operate a Postgres database. The data
collected will include sensitive information about Taler users, including
