Evan Daniel wrote: > On Sat, Feb 6, 2010 at 12:57 PM, Michael Rogers > <m.rogers at cs.ucl.ac.uk> wrote: >> Evan Daniel wrote: >>>> They only request the successful one, so the squatted ones fall out of >>>> the network. >>> >>> In which case, the KSK isn't actually the SHA of the final data... >> >> Right - it's the SHA1 of the data stored under the KSK. The data stored >> under the KSK is the key of a redirect to the final data. The inserter >> can make any number of redirects to the same data, and therefore any >> number of distict KSKs, until one of them inserts without a collision, >> at which point the inserter has a KSK to give to the requester. > > Then what's the benefit over using a short KSK, as I was suggesting?
It all boils down to that the receiver can verify he's not being redirected to a bogus site. I was hoping for a short and secure hash, but alas the short part is not that short anymore.
