On 2011-02-24 01:17, Greg Troxel wrote: > > I didn't find this in the FAQ, so: > > Q: I understand that using a convergence secret unknown to attackers > protects me from the known file confirmation attack. But, using a > different convergence secret on each client means that the same file > will be stored mulitple times. Should I use the same convergence > secret on all of my clients, or leave them different? > > > Proposed answer, of which I'm not sure: > > A: If your files are the same (perhaps because you rsync some of them), > using the same convergence secret will save space. The convergence > secret used by a node is less sensitive than one's rootcap, so if you > store rootcap aliases on multiple machines, there's no harm in using the > same convergence secret. > > > and: > > Q. Do I need to save the convergence secret to be able to recover my > files? What if I change the convergence secret periodically? > > A. (UNSURE!) The encryption key is encoded in the capability, so the > convergence secret is not needed to recover files. Changing it means > that new files will no longer converge, but has no other bad effects.
These sound like good questions and answers. It should be "new files will no longer converge with older files", though. (Files uploaded after the change will still converge with each other.) -- David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tahoe-dev mailing list [email protected] http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
