[tahoe-lafs-trac-stream] [tahoe-lafs] #308: add directory traversal / deep-verify capability?
tahoe-lafs
trac at tahoe-lafs.org
Sat Feb 19 22:25:47 PST 2011
#308: add directory traversal / deep-verify capability?
-------------------------------+--------------------------------------------
Reporter: warner | Owner:
Type: enhancement | Status: new
Priority: major | Milestone: 2.0.0
Component: code-dirnodes | Version: 0.7.0
Resolution: | Keywords: vdrive newcaps verify repair privacy anonymity
Launchpad Bug: |
-------------------------------+--------------------------------------------
Comment (by davidsarah):
Replying to [comment:13 davidsarah]:
> A known weakness in Elk Point 4 is that the holder of a read cap can't
verify that the value of Ctext_X in the share is correct (and hence that
the decryption Plain_X, which would hold the verify caps of a directory's
children, is correct). This is OK if Plain_K holds read/verify caps for
the directory's children, because a read cap holder can use those and
ignore Plain_X.
Oh, there's a better solution. We can include hash(CS, Plain_K) in the
share (incidentally fixing #453), and then compute K as a hash of that and
Plain_X. Then the read cap holder can check the decrypted Plain_X against
K, even though it doesn't in general know CS.
--
Ticket URL: <http://tahoe-lafs.org/trac/tahoe-lafs/ticket/308#comment:14>
tahoe-lafs <http://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list