[tahoe-dev] Choice of tree-hash
David-Sarah Hopwood
david-sarah at jacaranda.org
Mon Sep 24 19:54:42 UTC 2012
On 24/09/12 18:49, Tony Arcieri wrote:
> That said, I'd propose the following options, both of which I'd like to support:
>
> 1) No added secret value: this opens you up to the aforementioned attacks, but provides
> global deduplication
You can achieve this by using the empty string as a convergence secret.
> 2) Added secret value: instead of a per-user secret, I'd like to simply add a random
> secret to the capability string itself. This prevents the aforementioned attacks, while
> also providing the sort of easy transferability that makes capabilities great
The current Tahoe design allows random keys. It doesn't require any extra field in the
capability. There's just no UI to enable it at the moment.
--
David-Sarah Hopwood ⚥
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20120924/83c01246/attachment-0001.pgp>
More information about the tahoe-dev
mailing list