* Matthew Toseland <toad at amphibian.dyndns.org> [2007-04-14 13:24:17]:
> On Sat, Apr 14, 2007 at 01:03:18PM +0200, Florent Daigni?re (NextGen$) wrote: > > * Florent Daigni?re (NextGen$) <nextgens at freenetproject.org> [2007-04-14 > > 12:58:29]: > > > > > In the long term we will ask the client to send us a salted hash of the > > > full content in ClientPuts so that we can ensure it has read access to > > > the file. Toad wants that the node chooses the salt and that it is not > > > predictable ... it involves using a challenge/response mechanism > > > => more complexity won't be implemented "soon" > > > > > > I am convinced we need the hash to be salted but I'm not convinced that > > > we have to randomize it on a per-request basis : We could send an > > > identifier in the NodeHello message and ensure it matches the salt. > > > @toad any problem with that approach ? > > > > > > If there isn't any I might implement it soon. > > > > > > > In fact we might even ask for H( NodeHello.id + Client(Put|Get).id, > > content) so that it would be unique ... provided we keep track of > > identifiers when requests are terminated. > > What's this NodeHello.id ? You mean ClientHello.name ? That's chosen by > the client. NodeHello is the reply the node gives after a ClientHello ... a new field we would introduce. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20070414/2b114925/attachment.pgp>
