[tahoe-dev] [tahoe-lafs] #280: get_hash method in webapi for extension caching logic.
tahoe-lafs
trac at allmydata.org
Mon Sep 28 20:24:56 PDT 2009
#280: get_hash method in webapi for extension caching logic.
---------------------------+------------------------------------------------
Reporter: nejucomo | Type: enhancement
Status: new | Priority: minor
Milestone: undecided | Component: code-frontend-web
Version: 0.7.0 | Keywords: webapi caching extension
Launchpad_bug: |
---------------------------+------------------------------------------------
Comment(by zooko):
There is currently no hash of the plaintext stored. See
http://allmydata.org/~zooko/lafs.pdf diagram 1 for what is stored for an
immutable file currently. We used to have one, but we took it out because
it was visible to anyone (it was stored on storage servers unencrypted),
and this enables anyone to mount guess-and-check attacks (per
http://hacktahoe.org/drew_perttula.html ). #453 (safely add plaintext_hash
to immutable UEB) is a ticket to add plaintext hashes back but store them
encrypted under the read-cap.
If we had #453, we could easily give out the hash-of-plaintext or else the
root-of-merkle-tree-of-plaintext to serve this API. But wait a minute,
what's the use case of this proposed API again? How come the user can't
just use the verify cap instead of this hash-of-the-plaintext?
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/280#comment:8>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
More information about the tahoe-dev
mailing list