> so you don't retry it quite so aggressively. No problem! But it is harder than on 0.5 and more complicated for the clients. I only meant 32KB would be great.
On 1/15/07, Matthew Toseland <toad at amphibian.dyndns.org> wrote: > On Thu, Jan 04, 2007 at 10:21:54AM +0100, bbackde at googlemail.com wrote: > > > Sorry - I still don't understand. A key that's readable and writable to > > > everyone - is that not a KSK? > > > > Yes, thats KSK. But you see the problems we have with the 'new' KSK > > keys which are 1KB in size and provide transparent redirects to other > > keys? KSKs on 0.5 were great for Frosts messaging (32KB size, no > > transparent redirects), but the 'new' KSKs introduced the problems we > > talk about here (new kind of attacks, ...). > > Inserting random garbage has always been a viable attack against Frost. > All you have to do is set an appropriate maximum data size. > > > > The devs tried to make it easier for clients, but now some clients > > have serious problems. > > It could help to introduce a new type of freenet key, like KSK but > > without redirects and 32KB maximum size (like CHK). This would be > > perfect for Frost like clients. > > How does that differ to just setting max size = 32kB in Frost? Sure you > have the code=28 issues, but so what? You can handle them - if you get a > code 28, there's a possibility that it's an attack, so you don't retry > it quite so aggressively. > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFFq8SYA9rUluQ9pFARAlVgAJ9ow4ZDEBQ61gbg78pxl7Q0TCaF6ACgu5hI > TsAlHclMI/TYtzpjtN9NGVk= > =qUO1 > -----END PGP SIGNATURE----- > > > _______________________________________________ > Tech mailing list > Tech at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/tech > >
