[tahoe-lafs-trac-stream] [tahoe-lafs] #1802: make new introducer furls unguessable

tahoe-lafs trac at tahoe-lafs.org
Thu Dec 20 17:10:33 UTC 2012 

#1802: make new introducer furls unguessable
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:  warner
  davidsarah             |     Status:  new
         Type:  defect   |  Milestone:  1.10.0
     Priority:  major    |    Version:  1.9.2
    Component:  code-    |   Keywords:  introducer furl security easy
  nodeadmin              |  forward-compatibility
   Resolution:           |
Launchpad Bug:           |
-------------------------+-------------------------------------------------
Changes (by warner):

 * owner:  davidsarah => warner


Old description:

> In [source:src/allmydata/introducer/server.py], new introducer furls are
> created with the guessable swissnum "introducer".
>
> New furls should instead be created as random, by omitting the
> {{{"introducer"}}} argument to
> [http://foolscap.lothar.com/docs/api/foolscap.pb.Tub-
> class.html#registerReference tub.registerReference] and using {{{
> furlFile=os.path.join(self.basedir, "private", "introducer.furl")
> }}} instead. Existing furls will not change because {{{introducer.furl}}}
> will already exist, so this is backward-compatible.
>
> The full security benefit is not obtained without #860, but there's no
> reason to continue generating guessable furls for new introducers in the
> meantime.

New description:

 In [source:src/allmydata/introducer/server.py], new introducer furls are
 created with the guessable swissnum "introducer".

 New furls should instead be created as random, by omitting the
 {{{"introducer"}}} argument to
 [http://foolscap.lothar.com/docs/api/foolscap.pb.Tub-
 class.html#registerReference tub.registerReference] and using {{{
 furlFile=os.path.join(self.basedir, "private", "introducer.furl")
 }}} instead. Existing furls will not change because {{{introducer.furl}}}
 will already exist, so this is backward-compatible.

 The full security benefit is not obtained without #860, but there's no
 reason to continue generating guessable furls for new introducers in the
 meantime.

--

-- 
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1802#comment:3>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage

More information about the tahoe-lafs-trac-stream mailing list