On Nov 23, 2009, at 16:43, Stefan Xenon wrote: > How can a user configure if to use a per-file encryption or > convergent encryption?
Convergent encryption is used, by definition, for immutable files -- the cap identifies the particular file content. Encryption with a generated keypair is used, by definition, for mutable files -- the read-cap contains the public key, and the write- cap contains the private key. As a matter of current usage, note that most "file" files are stored as immutable files. Currently, directories (which are also files) are always mutable files (i.e. entries can be added and removed) but there is current work on adding immutable directories. > AFAIK the key is included in the cap. With per-file encryption does > the user need to note the cap for each file? How does this work for > a backup scenario where the user also needs to backup the keys > (separately) but which is not possible if the amount of keys depends > on the amount of files? The caps to the backed up files are stored in the directories. You only need to keep a cap to the root of your backup directory tree. -- Kevin Reid <http://switchb.org/kpreid/> _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
