[tahoe-dev] [tahoe-lafs] #684: let client specify the encryption key
Shawn Willden
shawn-tahoe at willden.org
Sun May 24 18:00:06 PDT 2009
On Sunday 24 May 2009 06:23:22 pm Zooko Wilcox-O'Hearn wrote:
> On May 24, 2009, at 14:48 PM, Shawn Willden wrote:
> > I need a way to map content hashes to read caps, because my backup
> > log contains content hashes. I can't put read caps in the backup
> > log for a couple of reasons which should become clear below.
>
> They did not become clear to me. Why can't you put read caps in the
> backup log?

Sorry, when I wrote the "should become clear" I was intending to explain; but
then I forgot to.

To compute a read cap you have to (a) pick your FEC parameters and (b) do all
of the FEC work so you can generate the UEB so you can hash it.

I don't want the backup to have to know what FEC parameters will be used, and
for performance reasons I definitely don't want to do everything required to
compute a UEB. Actually, I have to say that I haven't tested the performance
issue. Brian seemed to think it would be much slower than just hashing the
file. File hashing is basically I/O bound on most machines.

In addition to those issues, there's also the fact that I don't know at backup
log generation time if I'm going to upload a full file or a delta, and the
read cap for the two will be different. If I knew, it would also mean that
I'd have to generate the delta so that I could generate the read cap for the
delta.

> I guess in general you don't want to do that unless, of
> course, you want someone having access to the backup log itself to
> give them access to all the files. Do you want that?

Yes, I do want that. The issue is separation of concerns and scan
performance, not access control.

Shawn.