[tahoe-dev] [tahoe-lafs] #957: embed security metadata in URL
tahoe-lafs
trac at allmydata.org
Sun Feb 14 22:11:28 PST 2010
#957: embed security metadata in URL
---------------------------------------+------------------------------------
Reporter: zooko | Owner: somebody
Type: defect | Status: new
Priority: major | Milestone: undecided
Component: code | Version: 1.6.0
Keywords: newcaps newurls integrity | Launchpad_bug:
---------------------------------------+------------------------------------
In #956 it was described how "security metadata" such as highest-known-
version-number to prevent rollback attack (#955), petrification-marker to
revoke write authority (#954), or LAFS 301 Moved Permanently redirection
marker (not yet ticketed) could be embedded into parent directories for
stronger security and/or better performance.
In this ticket, let's consider that such security metadata could be
embedded into the URL itself, so that people passing around URLs outside
of Tahoe-LAFS directories would get the same benefits. The problem with
this, of course, is that URLs are very space-sensitive (see #882 (Tahoe
URIs and gateway URLs are too long and ugly)).
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/957>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
More information about the tahoe-dev
mailing list