On Wed, Sep 27, 2006 at 08:11:04PM +0100, Michael Rogers wrote:
> If an SSK insert collides with data in the store or the cache, we
> replace the data in the insert with the existing data and keep
> inserting. This makes it impossible to overwrite an SSK even if you have
> the private key, which is a good thing because keys can be compromised
> and authors can be threatened.
>
> But I think there might be a problem: if we're processing an SSK insert
> and we receive a collision from downstream, we replace the data in the
> insert with the existing data and keep inserting. But what if the
> "existing" data from downstream is actually new data generated by
> someone with the private key? They'd be able to spread the new data to
> every node on the upstream path of the insert.
Downstream = a node we routed to? Well, if it's common, it'll just collide
again and we'll end up spreading the old data again...

> Example: Alice inserts X. Alice's private key is later seized by Bob.
> Bob can't overwrite X by inserting Y under the same key, but whenever he
> gets a request for the key he can return Y instead of X, spreading Y to
> every node between himself and the requester, *even the ones that have
> already seen X*. If someone later attempts to reinsert X, every insert
> that hits a node containing Y will spread Y even further instead of
> spreading X.

If we hit a node returning Y, we spread Y. Then we hit a node returning X,
and we spread X again. I don't see the problem...

> Should we ignore collision messages from downstream?
>
> Cheers,
> Michael
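A toy model of the collision rule discussed in this thread, added here as an illustration and not Freenet's own code: an insert path is a list of node stores, a local collision replaces the insert's data with the stored data, and a downstream collision is either propagated back up the path (the current behaviour) or ignored (Michael's proposal). The node layout, the `ignore_downstream` switch and the key name are assumptions made for the example.

```python
# Constructed model of SSK insert collision handling (not Freenet code).
# A "path" is the ordered list of node stores an insert is routed through;
# each store is a dict mapping key -> data.

def ssk_insert(path, key, data, ignore_downstream=False):
    """Route an insert of (key, data) along path; return the data finally carried.

    Local collision: if this node already holds different data for key, the
    insert continues with the stored data (so an SSK cannot be overwritten).
    Downstream collision: if a node further along returns different data, the
    current behaviour adopts it here too; with ignore_downstream=True the
    node keeps what it stored and reports its own data back upstream.
    """
    if not path:
        return data
    node, rest = path[0], path[1:]
    if key in node and node[key] != data:
        data = node[key]          # local collision: stored data wins
    else:
        node[key] = data          # no collision: store the insert's data
    downstream = ssk_insert(rest, key, data, ignore_downstream)
    if downstream != data and not ignore_downstream:
        node[key] = downstream    # downstream collision spreads back up the path
        return downstream
    return data

def reinsert_scenario(ignore_downstream):
    """Alice's X reinserted through a path whose last node already holds Y."""
    path = [{}, {}, {"ssk@example": "Y"}]   # constructed: last hop holds Y
    carried = ssk_insert(path, "ssk@example", "X", ignore_downstream)
    return carried, [n["ssk@example"] for n in path]
```

`reinsert_scenario(False)` shows Y copied onto every upstream node, while `reinsert_scenario(True)` leaves the upstream nodes holding X and only the last hop holding Y.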