[freenet-dev] Fwd: TestDDA questions

Florent Daignière (NextGen$) nextgens at freenetproject.org
Sat Apr 14 12:03:18 BST 2007


* Florent Daignière (NextGen$) <nextgens at freenetproject.org> [2007-04-14 12:58:29]:

> In the long term we will ask the client to send us a salted hash of the
> full content in ClientPuts so that we can ensure it has read access to
> the file. Toad wants that the node chooses the salt and that it is not
> predictable ... it involves using a challenge/response mechanism
> => more complexity won't be implemented "soon"
> 
> I am convinced we need the hash to be salted but I'm not convinced that
> we have to randomize it on a per-request basis : We could send an
> identifier in the NodeHello message and ensure it matches the salt.
> @toad any problem with that approach ?
> 
> If there isn't any I might implement it soon.
> 

In fact we might even ask for H( NodeHello.id + Client(Put|Get).id,
content) so that it would be unique ... provided we keep track of
identifiers when requests are terminated.

NextGen$
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20070414/35e2e8df/attachment.pgp>


More information about the Devl mailing list