[tahoe-dev] about cap

Zooko O'Whielacronx zooko at zooko.com
Wed Aug 4 05:05:01 UTC 2010 

Hi Yu Xue.

Okay, I looked at this file:

http://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/src/allmydata/uri.py

The step that I was suggesting to you--to define a new URI type which
is just like the old type but uses a new encryption scheme--would
probably involve copying each of the following classes to a new class
and then changing the name of it and the URI prefix that it matches,
something like the following. Take the following set of Python class:
string prefix:

CHKFileURI: 'URI:CHK:'
CHKFileVerifierURI: 'URI:CHK-Verifier:'
WriteableSSKFileURI: 'URI:SSK:'
ReadonlySSKFileURI: 'URI:SSK-RO:'
SSKVerifierURI: 'URI:SSK-Verifier:'
DirectoryURI: 'URI:DIR2:'
ReadonlyDirectoryURI: 'URI:DIR2-RO:'
ImmutableDirectoryURI: 'URI:DIR2-CHK:'
LiteralDirectoryURI: 'URI:DIR2-LIT:'
DirectoryURIVerifier: 'URI:DIR2-Verifier:'
ImmutableDirectoryURIVerifier: 'URI:DIR2-CHK-Verifier:'

and make a new set of classes in addition to the ones that already
exist (above), something like:

CHKFileXURI: 'URI:CHKX:'
CHKFileXVerifierURI: 'URI:CHKX-Verifier:'
WriteableSSKXFileURI: 'URI:SSKX:'
ReadonlySSKXFileURI: 'URI:SSKX-RO:'
SSKXVerifierURI: 'URI:SSKX-Verifier:'
DirectoryXURI: 'URI:DIR2X:'
ReadonlyDirectoryXURI: 'URI:DIR2X-RO:'
ImmutableDirectoryXURI: 'URI:DIR2X-CHK:'
DirectoryXURIVerifier: 'URI:DIR2X-Verifier:'
ImmutableDirectoryXURIVerifier: 'URI:DIR2-CHKX-Verifier:'

Then immediately add unit tests of the code in
http://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/src/allmydata/test/test_uri.py
so that they exercise the code you just created by
cutting-and-pasting.

Then attach your patch to a ticket.

The idea is that you will then write another patch to make it so that
the "X" variants of the caps are to be encrypted/decrypted with
XSalsa20+AES128 instead of with AES256.

Note: you may receive some objections to this patch! The current
ruling cabal of Tahoe-LAFS leaders -- Brian, David-Sarah, and myself
-- may have reservations about how this code works or even about the
whole idea making this change to Tahoe-LAFS at this time. However
there is no better way to get our attention and to force us to express
our desires, objections, or requirements precisely than to show us a
patch. :-)

(I'm sorry that I cannot give you assurance that if you do this right
that it will go into Tahoe-LAFS trunk at this time. That's just the
way it works. Rest assured that your marks on Google Summer of Code
reviews are based on how well you perform and participate in our
process, not on whether or not your patch gets accepted at this time.)

Regards,

Zooko

P.S. If this change to uri.py that I proposed to you above is too
confusing for you then there is something else you could work on
instead until you understand uri.py better. That would be to write an
extension to pycryptopp, just like your extension to add XSalsa20
(http://tahoe-lafs.org/trac/pycryptopp/ticket/40 ), which adds
XSalsa20+AES128 as a combined mode of operation.

More information about the tahoe-dev mailing list