Indeed; as AGL points out, this works fine. I thought it was worth amplifying his point somewhat:
A Byzantine consensus algorithm that signs each message is 'safe'[*] even when only *one* leader is uncorrupted. As a corollary, if the set of servers a client can contact contains at least one uncorrupted server, the client can learn which servers have been corrupted. (Gossip protocols are, essentially, lightweight ways of making all clients act as servers for sub-parts of the state machine.) [*] Here, safety means that the servers' representations of the underlying state machine are consistent. - dlg On Thursday, August 28, 2014, Adam Langley <[email protected]> wrote: > On Wed, Aug 27, 2014 at 2:32 PM, yan <[email protected] <javascript:;>> wrote: > > Since the Key Directories are (at least initially) run by the Identity > > Providers (Google, Yahoo, etc.), it doesn't seem very useful to gossip > > the Signed Tree Head inside channels controlled by the identity provider > > I assume that the gossip will be within the signed part of the message > so that the channel cannot alter it. > > > Cheers > > AGL > > -- > Adam Langley [email protected] <javascript:;> > https://www.imperialviolet.org > _______________________________________________ > Messaging mailing list > [email protected] <javascript:;> > https://moderncrypto.org/mailman/listinfo/messaging >
_______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
