[tahoe-dev] deleting encryption key vs. deleting ciphertext (was: Noob questions)

zooko zooko at zooko.com
Fri Aug 22 16:14:50 UTC 2008


Welcome, George!

If you can tell us a bit about the project that you are developing,
I would be interested to hear about it.

You are correct that a user who initially uplodas/creates a mutable
file or a directory automatically gets the read-write cap to that
directory.  The confusion lies in the fact that the section of
architecture.txt that you were reading is talking about deleting
ciphertext to free up disk space for re-use, while deleting a read-cap
means deleting the encryption key, thus making the ciphertext
indecipherable.

I've added a note to architecture.txt trying to clarify this.

While doing so, I noticed an edit that I had made to architecture.txt
and had forgotten to commit.  That edit adds a prominent warning that
the section about "garbage collection and accounting" that you were
reading is out of date and might not be implemented in that way at
all:

http://allmydata.org/trac/tahoe/changeset/2880

Regards,

Zooko
---
http://allmydata.org -- Tahoe, the Least-Authority Filesystem
http://allmydata.com -- back up all your files for $5/month




More information about the tahoe-dev mailing list