[tahoe-dev] TWN 25

[Patrick R McDonald]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=======================================================
Tahoe-LAFS Weekly News, issue number 25, April 07, 2012
=======================================================

Welcome to the Tahoe-LAFS Weekly News (TWN).  Tahoe-LAFS_ is a secure,
distributed storage system. `View TWN on the web`_ *or* `subscribe to TWN`_.
If you would like to view the "new and improved" TWN, complete with pictures;
please take a `look`_.

.. _Tahoe-LAFS: https://tahoe-lafs.org
.. _View TWN on the web: https://tahoe-lafs.org/trac/tahoe-lafs/wiki/TahoeLAFSWeeklyNews
.. _subscribe to TWN: https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-lafs-weekly-news
.. _look: https://tahoe-lafs.org/~marlowe/TWN25.html


Announcements and News
======================

TWN Hits Issue #25
- ------------------

With much delay, TWN hits the 25 issue milestone.  I had greatly hoped
we would reach this milestone much earlier.  Unfortunately though work
and personal life sometimes got in the way.  Even after 25 issues,
working on TWN every Friday is one of my favorite activities.  I would
like to thank the development team at Tahoe-LAFS for giving me the
opportunity to contribute this way.  Thank you very much.

Not one to sit still, present outage excluded, we are working on more
ways for you to be able to get your TWN fix.  Look for them to be coming
in the near future.

David-Sarah Named Release Manager for Next Release
- --------------------------------------------------

David-Sarah |davidsarah| is the `release manager for Tahoe-LAFS' next
release`_.  They were previously the release manager for 1.7.  Look for
their announcement on whether it will a bugfix-oriented 1.9.2 or a shiny
new 1.10.0.  Among the many other decisions for them, will be whether to
continue using darcs and git or finally cut over to git (`#1644`_).

.. _`release manager for Tahoe-LAFS' next release`:
   https://tahoe-lafs.org/pipermail/tahoe-dev/2012-March/007215.html
.. _`#1644`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1644#

Boulder Hackfest
- ----------------

Zooko |zooko| `hosted a Tahoe-LAFS hackfest`_ in lovely Boulder, CO.  Lots
of work got done and I wish I could have attended.  David-Sarah did a
tremendous job in cleaning up the Trac tickets.  This is very much
appreciated.  Andrew Miller |amiller| wrote a unit test for `#641`_ to
make "tahoe backup" follow a limited number of symlinks.  Peter Le Bek
|lebek| did some work on the wiki and fixed `#1668`_.  Brian |brian|
fixed `#1689`_.  John Dougherty posted his first review.
Lastly, I started reviewing documentation patches and resumed work on
TWN.  And that was just the first day.  Thanks to Zooko for sponsoring
the event and thanks to all those who attended and contributed.

.. _`hosted a Tahoe-LAFS hackfest`:
   https://tahoe-lafs.org/pipermail/tahoe-dev/2012-March/007231.html
.. _`#641`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/641
.. _`#1668`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1668
.. _`#1689`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1689

pycryptopp 0.6.0.1206569328141510525648634803928199668821045408958
- ------------------------------------------------------------------

`pycryptopp 0.6.0.1206569328141510525648634803928199668821045408958 was
released`_.  Aside from having one of the coolest version numbers in
existance, pycryptop is "a python wrapper around a few algorithms from
the Crypto++ and python-Ed25519 libraries." [`0`_].  Included in this
release were the following fixes/features:

* src/pycryptopp/_version.py: release pycryptopp-0.6.0
* add Ed25519 signatures (`#75`_)
* add XSalsa20 cipher (`#40`_)
* switch from darcs to git for revision control
* pycryptopp version numbers now include a decimal encoding of …
* reorganize the source tree and the version number generation
* aesmodule.cpp: validate size of IV and throw exception if it is not 16
  (`#70`_)
* fixed compile errors with gcc-4.7.0 (`#78`_)
* fixed compile errors concerning "CryptoPP::g_nullNameValuePairs"
  (`#77`_)
* suppress warnings from valgrind with new OpenSSL 1.0.1 on Fedora
  (`#82`_)
* raise Python exception instead of uncaught C++ exception (resulting in
  abort) when deserializing malformed RSA keys (`#83`_)

.. _`pycryptopp 0.6.0.1206569328141510525648634803928199668821045408958
   was released`:
   https://tahoe-lafs.org/pipermail/tahoe-dev/2012-March/007119.html
.. _`0`: https://pypi.python.org/pypi/pycryptopp
.. _`#75`: https://tahoe-lafs.org/trac/pycryptopp/ticket/75
.. _`#40`: https://tahoe-lafs.org/trac/pycryptopp/ticket/40
.. _`#70`: https;//tahoe-lafs.org/trac/pycryptopp/ticket/70
.. _`#78`: https://tahoe-lafs.org/trac/pycryptopp/ticket/78
.. _`#77`: https://tahoe-lafs.org/trac/pycryptopp/ticket/77
.. _`#82`: https://tahoe-lafs.org/trac/pycryptopp/ticket/82
.. _`#83`: https://tahoe-lafs.org/trac/pycryptopp/ticket/83

Signed-Introducer Announcements
- -------------------------------

As a result of the new pycryptopp, `signed-introducer code has landed`_
(`#466`_).  For users, this means:

* tahoe now depends upon the new pycryptopp: next time you update,
  you'll need to do 'setup.py build' so it will pick up 0.6.0

* the first time your node wakes up with the new code, it will create a
  NODEDIR/private/server.privkey file, containing the new Ed25519
  private signing key. This is a binary file, not meant for copy/paste
  or human interaction.

* server IDs are changing. The old (foolscap-based) IDs look like
  "rkybwv7hpuwpnyqhwjz43v727orr7fqd". Once everything is upgraded, the
  Welcome page will show new server IDs that look like
  "v0-fcmgu663rdyshncihts4e45rtwjwvc7ebcrtlaiv345yyps667pq". (the old
  ones are a SHA1 hash of the tub's public SSL certificate, the new ones
  are an Ed25519 public verifying key) [`1`_]

Even more exciting is what this means for the future.  Signed-introducer
announcements open the door to a good many things:

* Introducer announcements are now extensible dictionaries, instead of
  fixed-size tuples. This allows servers to cleanly advertise new
  services, and include additional metadata like how much space they
  have available. This will be used by the upcoming Accounting work to
  advertise an alternate storage-server object from which per-account
  connections can be obtained. `#666`_

* Announcements are signed, which means the Introducer doesn't get to
  modify the metadata, reducing its authority a little bit. This gets us
  one step closer to having a distributed introduction mechanism (the
  signed announcements can simply be flooded, without worrying about
  what the other nodes might do to them in transit). `#68`_

* Server nodes are known by their Ed25519 public verifying key, rather
  than by their Foolscap SSL TubID. This enables secure non-SSL
  messaging (sign a request instead of sending unsigned requests over a
  validated-SSL connection), so we can switch from Foolscap to e.g. HTTP
  for share transport, which should make the Tahoe protocol easier to
  port to other languages (Foolscap offers more features than we really
  need, and its need to check the SSL certificate is an implementation
  hassle). `#510`_

* Clients can securely reference a server by its pubkey, which will be
  the basis for explicit "which servers am I willing to use"
  configuration. `#467`_, `#295`_ [`2`_]

.. _`signed-introducer code has landed`:
   https://tahoe-lafs.org/pipermail/tahoe-dev/2012-March/007109.html
.. _`#466`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/466
.. _`1`:
   https://tahoe-lafs.org/pipermail/tahoe-dev/2012-March/007109.html
.. _`#666`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/666
.. _`#68`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/68
.. _`#510`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/510
.. _`#467`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/467
.. _`#295`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/295
.. _`2`:
   https://tahoe-lafs.org/pipermail/tahoe-dev/2012-March/007109.html

Quote of the Week
=================

A good friend of mine had terrific statement regarding Tahoe-LAFS which
I wanted to share with everyone.  I think her words pretty nicely sum up
what makes Tahoe-LAFS really special for the end user.

"For cloud security - I trust @tahoelafs.  There is no cloud provider in
the world I trust but I do trust good crypto." - @catskillmarina

- From the tahoe-dev Mailing List
===============================

There is a good deal here I want to cover.  However, I am still neck
deep in emails.  I will make sure to bring everyone up to speed on them
next week.  Thanks again for your patience.

Patches Needing Review of the Week
==================================

There is one (1) ticket still needing review for 1.9.2:

* `#1115`_: add servers-of-happiness to reports (post-repair says 10
  hosts have good shares but there only 4 hosts)

There are four (4) tickets still needing review for 1.10:

* `#1161`_: improve new-downloader logging
* `#1579`_: Patch to Add "Move" Functionality to Web Interface
  problem)
* `#443`_: set ETag on immutable directories, short-circuit on cache hit
* `#1693`_: flogtool doesn't get automatically provided

.. _`#1115`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1115
.. _`#1161`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1161
.. _`#1579`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1579
.. _`#443`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/443
.. _`#1566`: http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1566
.. _`#1693`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1693

- ----

*The Tahoe-LAFS Weekly News is published once a week by The Tahoe-LAFS*
*Software Foundation, President and Treasurer: Peter Secor* |peter|
*. Scribes: Patrick "marlowe" McDonald* |marlowe| *, Zooko Wilcox-O'Hearn*
, Editor: Zooko.* `View TWN on the web`_ *or* `subscribe to TWN`_
*. Send your news stories to* `marlowe at antagonism.org`_ *— submission
deadline: Friday night.*

.. _marlowe at antagonism.org: mailto:marlowe at antagonism.org
.. |zooko| image:: zooko.png
   :height: 35
   :alt: zooko
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
.. |brian| image:: warner.png
   :height: 35
   :alt: brian
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
.. |peter| image:: psecor.jpg
   :height: 35
   :alt: peter
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
.. |marlowe| image:: marlowe-x75-bw.jpg
   :height: 35
   :alt: marlowe
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wiki/AboutUs
.. |davidsarah| image:: davidsarah_bw.png
   :height: 35
   :alt: davidsarah
   :target: http://tahoe-lafs.org/trac/tahoe-lafs/wikiAboutUs
.. |amiller| image:: amiller_grey.png
   :height: 35
   :alt: amiller
.. |lebek| image:: lebek.jpg
   :height: 35
   :alt: lebek
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJPgEqmAAoJEAT4nRyi0elyH+EP/24KNIDTqj+1iP2GNy5OEPuh
kFTGI/1JwzEATWHivz7H7CFqoR9go9wwOoP4qVU8hwVHzTXfSpCu65iTEq1obME+
nfDgZaw91SsGFP8X0KpXyXmrSkzbBTfG34TeXwYck/P9V5k511+xJ5akpmG9SVT6
rgd1QFFwvE2os97WesdF489rvLlsAJ9FiXlx/9OLGzu8l6MgIDp+jwsOGK0hlZbl
IqALS1l9ghG1roEb9okFFAEwXsWgzYKFKY2j57ksqltaSxhS9oeiHSpTd/wCcjMC
jTPBng67QFjpQYtPiCAfR9JduMzx+OhsEza4thYiTgum11XSTW9+WY3QiXX+u5Eo
+1o2Gz5S333/cTQcjoKjTwMtjqI/aNDIKmksRbJs5BKw+GPP60l0Zi0afV+1U8PH
WE4oh1KXRQhdCl8Jzb0fhzvUcQXdJ1Ug7sYrEmu2BmzUbd3U5RUePeXNlIr62Dtx
fTmuxDSIzBGfq9Zz9GQDAt5O9Qx/NnId4zKIDn7tNWAy/vx5LsNepdCyjHa22NOb
CRuEe7JR7iL58vFSPs402PvgwczJZOE9DrNqIVtPD21LmygzbZgGY3/FPj4TvyoH
VgchmTBlUiysL3/iI/fhrJfUqsPusBxyhDb1JLO4dPDb9dvJhCnMw9pJF64thN0E
HgXhLd4O3rkXCX7DV4WU
=l51j
-----END PGP SIGNATURE-----