2009/9/4 Tad Glines <[email protected]> > > > As far as I can tell, the only way for a remote server (or client) to > obtain > > > the current version of a wavelet/doc is to reconstruct it from the > history. > > > This seems like it would be suboptimal in cases where a wavelet has a > large > > > history. Am I missing something? > > > > It's important for you to request the entire history as each delta > > will be signed by the originating party. If you optimise the process > > by sending a snapshot (which you might want to do from server to > > client, depending on your trust model) you lose the ability to verify > > that a wavelet was actually written by its claimed author. > > As I understand it, all wavelet updates are signed by the federation > host. If the version hash was included in the update signature, then > the content at that version is easily verified without looking at the > history. > > That would require you to trust the host to compose the operations from federated services correctly. If the host signs only a snapshot you cannot verify that it correctly includes updates made via remote servers.
> > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Wave Protocol" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/wave-protocol?hl=en -~----------~----~----~----~------~----~------~--~---
