[tahoe-dev] [tahoe-lafs] #957: embed security metadata in URL

tahoe-lafs trac at allmydata.org
Tue Feb 16 05:11:26 UTC 2010

#957: embed security metadata in URL
 Reporter:  zooko                      |           Owner:  somebody 
     Type:  defect                     |          Status:  new      
 Priority:  major                      |       Milestone:  undecided
Component:  code                       |         Version:  1.6.0    
 Keywords:  newcaps newurls integrity  |   Launchpad_bug:           

Comment(by warner):

 um, if the assumption is that once you pass a URL to someone out-of-band
 that they'll always keep using that same URL, then there's less value in
 putting some of these indicators into those URLs. Neither "moved
 permanently" nor "petrification" seems very useful in that context. "max-
 known-version" (i.e. "min-acceptable-version") is marginally more
 plausible: I could give you a URL that couldn't be rolled back to anything
 from before the time I computed the URL. You get no protection from
 subsequent updates+rollbacks, though.

 It sounds like there should be some optional extra fields in a URL. These
 fields are allowed to make the URL longer than we'd necessarily like to
 pass around, if the only place they'll be seen is in a dirnode childcap.

 davidsarah: well, mutable file version numbers start at 0 and are
 incremented for each update, and live in an 8-byte field. We could compute
 the distribution for e.g. the prodnet grid, by building a "share report"
 (since the version number is outside the encrypted payload). But it
 depends entirely upon how long somebody has been using a given directory
 and how frequently they update it.

Ticket URL: <http://allmydata.org/trac/tahoe/ticket/957#comment:3>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid

More information about the tahoe-dev mailing list