I didn't find this in the FAQ, so:

Q: I understand that using a convergence secret unknown to attackers protects me from the known file confirmation attack. But, using a different convergence secret on each client means that the same file will be stored multiple times. Should I use the same convergence secret on all of my clients, or leave them different?

Proposed answer, of which I'm not sure:

A: If your files are the same (perhaps because you rsync some of them), using the same convergence secret will save space. The convergence secret used by a node is less sensitive than one's rootcap, so if you store rootcap aliases on multiple machines, there's no harm in using the same convergence secret.

and:

Q. Do I need to save the convergence secret to be able to recover my files? What if I change the convergence secret periodically?

A. (UNSURE!) The encryption key is encoded in the capability, so the convergence secret is not needed to recover files. Changing it means that new files will no longer converge, but has no other bad effects.
_______________________________________________ tahoe-dev mailing list [email protected] http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
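
The two questions above can be explored with a small model of convergent encryption. This is an added example, not part of the original message and not Tahoe-LAFS code; it assumes the key is derived as HMAC(convergence secret, file contents), uses a toy SHA-256 keystream in place of a real cipher, and all function names are hypothetical.

```python
import hashlib
import hmac


def derive_key(convergence_secret: bytes, plaintext: bytes) -> bytes:
    """Convergent key: depends only on the secret and the file content."""
    return hmac.new(convergence_secret, plaintext, hashlib.sha256).digest()


def storage_index(key: bytes) -> bytes:
    """Identifier the server sees; equal indexes mean one stored copy."""
    return hashlib.sha256(b"storage-index:" + key).digest()[:16]


def _keystream(key: bytes, length: int) -> bytes:
    # Toy SHA-256 counter-mode keystream, for illustration only (not a vetted cipher).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (XOR with the keystream is its own inverse)."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))


def upload(convergence_secret: bytes, plaintext: bytes):
    """Return (read_cap, storage_index, ciphertext); the cap carries the key."""
    key = derive_key(convergence_secret, plaintext)
    return key, storage_index(key), xor_crypt(key, plaintext)


def download(read_cap: bytes, ciphertext: bytes) -> bytes:
    """In this model, recovery uses only the key held in the cap."""
    return xor_crypt(read_cap, ciphertext)


if __name__ == "__main__":
    doc = b"constructed sample file contents"  # constructed sample input
    cap_a, si_a, ct_a = upload(b"secret-shared", doc)
    cap_b, si_b, ct_b = upload(b"secret-shared", doc)
    cap_c, si_c, ct_c = upload(b"secret-other", doc)
    print("same secret converges:", si_a == si_b)
    print("different secret converges:", si_a == si_c)
    print("recovered without secret:", download(cap_c, ct_c) == doc)
```

In this model, someone who knows the file but not the secret cannot compute the storage index to confirm its presence, and changing the secret only stops new uploads from sharing an index with old ones.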
