On Sat, Apr 14, 2007 at 01:03:18PM +0200, Florent Daigni?re (NextGen$) wrote: > * Florent Daigni?re (NextGen$) <nextgens at freenetproject.org> [2007-04-14 > 12:58:29]: > > > In the long term we will ask the client to send us a salted hash of the > > full content in ClientPuts so that we can ensure it has read access to > > the file. Toad wants that the node chooses the salt and that it is not > > predictable ... it involves using a challenge/response mechanism > > => more complexity won't be implemented "soon" > > > > I am convinced we need the hash to be salted but I'm not convinced that > > we have to randomize it on a per-request basis : We could send an > > identifier in the NodeHello message and ensure it matches the salt. > > @toad any problem with that approach ? > > > > If there isn't any I might implement it soon. > > > > In fact we might even ask for H( NodeHello.id + Client(Put|Get).id, > content) so that it would be unique ... provided we keep track of > identifiers when requests are terminated.
What's this NodeHello.id ? You mean ClientHello.name ? That's chosen by the client. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20070414/b54dec0a/attachment.pgp>
