[tahoe-dev] Bringing Tahoe ideas to HTTP

Michael Walsh michael at michael.ie
Thu Aug 27 20:27:27 PDT 2009


Hi Brian, all;

I'm all for including merkle trees with HTTP GETs, two items that
spring to mind:
 - Appending the location of the hash as you suggest in
#hashtree=ROOTXYZ;http://otherplace which requires no changes to the
webserver.
 - Adding a HTTP header with this data but requires something like a
server module or output script. It also doesn't ugly up the URL (but
then again, we have url shortner services for manual typing).

One merkle hash tree over HTTP that interested me was the Tiger Tree
Hash Exchange/THEX [1] that's already in use in some P2P systems, and
would be interesting reading for other hash tree over HTTP systems.

Google Wave appears to use hash trees also, but it seems to be
under-speced [2]. I guess once that becomes fleshed out there would be
more content systems outputting data along with tree hashes.


I do like straightforwardness of using the
file.ext#hashtree=root;location or file.ext.sig conventions and an
added benefit is the .sig request can be HTTP/1.1 pipelined rather
than parsing the returned headers before sending on the additional
request.

> I've no idea how hard it would be to write this sort of plugin. But I'm
> pretty sure it's feasible, as would be the site-building tools. If
> firefox had this built-in, and web authors used it, what sorts of
> vulnerabilities would go away? What sorts of new applications could we
> build that would take advantage of this kind of security?

My thoughts purely turn to verifying files and all webpage resources
integrity in a transparent and backward compatible way. Who has not
encountered unstable connections where images get corrupted and css
files don't fully load? Solving that problem would make me very happy!

[1] http://open-content.net/specs/draft-jchapweske-thex-02.html
[2] http://groups.google.com/group/wave-protocol/browse_thread/thread/74dbbd2c0f586ec9


More information about the tahoe-dev mailing list