On Tue, Sep 16, 2014 at 5:42 AM, Steve Dougherty <st...@asksteved.com> wrote:
> The trusted key IDs are updated if the channel definition is signed with > enough valid signatures under the existing definition. This means > everything on a channel - not just the files like freenet.jar - require > signatures. > The update channel idea sounds great in general. I do see one major problem with the a above, though. Consider a rather old update channel (USK@…/…/100). Now suppose the update channel is so old that edition 0 has fallen out of Freenet (which will obviously happen, given the nature of Freenet). A new client subscribes to the update channel (for obvious reasons, this will be USK@…/…/0) — what happens? The new client now has no way of verifying that the definition file has not been tampered with since the last trusted edition (i.e. edition 0). In fact, this problem arises if *any* single previous edition becomes unretrievable for any reason: the chain is broken and authenticity can no longer be verified. Kind regards, Bert _______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
