As far as I can tell, all wavelet updates (ProtocolAppliedWaveletDelta) are signed by the federation host and not by the federation remote or the actual client. And, since the delta may be transformed prior to application, any client signature of the original delta would not be valid if included the wavelet update.
This means that participants have no way of verifying that the federation host applied other participants deltas properly. If the federation host maintained both the original and transformed deltas, and made them available via history then remote hosts (and their clients) could verify the hosts transformations. If the original delta's included both the host/remote signature and possible a client signature, then complete verification is possible. Have I misunderstood how OT works? Are there plans to extend verification beyond the federation host? -Tad --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en -~----------~----~----~----~------~----~------~--~---
