[tahoe-lafs-trac-stream] [tahoe-lafs] #466: extendable Introducer protocol: dictionary-based, signed announcements

tahoe-lafs trac at tahoe-lafs.org
Wed Mar 14 01:27:42 UTC 2012


#466: extendable Introducer protocol: dictionary-based, signed announcements
-------------------------+-------------------------------------------------
     Reporter:  warner   |      Owner:  warner
         Type:           |     Status:  new
  enhancement            |  Milestone:  1.10.0
     Priority:  major    |    Version:  1.1.0
    Component:  code-    |   Keywords:  introduction forward-compatibility
  network                |  performance accounting ecdsa pycryptopp
   Resolution:           |
Launchpad Bug:           |
-------------------------+-------------------------------------------------

Comment (by Brian Warner <warner@…>):

 In [changeset:bc21726dfd73b434c8c513ec482f582cce88fc2a/git]:
 {{{
 #!CommitTicketReference repository="git"
 revision="bc21726dfd73b434c8c513ec482f582cce88fc2a"
 new introducer: signed extensible dictionary-based messages! refs #466

 This introduces new client and server halves to the Introducer (renaming the
 old one with a _V1 suffix). Both have fallbacks to accommodate talking to a
 different version: the publishing client switches on whether the server's
 .get_version() advertises V2 support, the server switches on which
 subscription method was invoked by the subscribing client.

 The V2 protocol sends a three-tuple of (serialized announcement dictionary,
 signature, pubkey) for each announcement. The V2 server dispatches messages
 to subscribers according to the service-name, and throws errors for invalid
 signatures, but does not otherwise examine the messages. The V2 receiver's
 subscription callback will receive a (serverid, ann_dict) pair. The
 'serverid' will be equal to the pubkey if all of the following are true:

   the originating client is V2, and was told a privkey to use
   the announcement went through a V2 server
   the signature is valid

 If not, 'serverid' will be equal to the tubid portion of the announced FURL,
 as was the case for V1 receivers.

 Servers will create a keypair if one does not exist yet, stored in
 private/server.privkey .

 The signed announcement dictionary puts the server FURL in a key named
 "anonymous-storage-FURL", which anticipates upcoming Accounting-related
 changes in the server advertisements. It also provides a key named
 "permutation-seed-base32" to tell clients what permutation seed to use. This
 is computed at startup, using tubid if there are existing shares, otherwise
 the pubkey, to retain share-order compatibility for existing servers.
 }}}

-- 
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/466#comment:26>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage
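
The serverid rule from the commit message above, as an added example (not code from the commit or from Tahoe-LAFS): a V2 server check that rejects bad signatures, and a V2 receiver that returns the pubkey only for a validly signed announcement and otherwise falls back to the tubid in the FURL. Assumptions: the dictionary is serialized as JSON, an unsigned announcement carries None for signature and pubkey, FURLs have the form pb://<tubid>@<hints>/<swissnum>, all function names and sample values are constructed, and standin_sign/standin_verify are a hash stand-in used only so the block runs offline where a real public-key signature check belongs.

```python
import hashlib
import json

FURL_KEY = "anonymous-storage-FURL"  # key name taken from the commit message

def standin_sign(pubkey, msg):
    # Constructed stand-in, NOT a signature scheme: anyone who knows pubkey
    # can compute it. Replace with real public-key signing in practice.
    return hashlib.sha256(pubkey.encode("utf-8") + msg).hexdigest()

def standin_verify(pubkey, sig, msg):
    return sig == standin_sign(pubkey, msg)

def tubid_of(furl):
    # Assumed FURL layout: pb://<tubid>@<location-hints>/<swissnum>
    if not furl.startswith("pb://") or "@" not in furl:
        raise ValueError("not a FURL: %r" % furl)
    return furl[len("pb://"):furl.index("@")]

def server_accepts(ann_t, verify=standin_verify):
    """V2 server: error on a bad signature, otherwise pass the tuple on as-is."""
    msg, sig, pubkey = ann_t
    if sig is not None and not verify(pubkey, sig, msg):
        raise ValueError("invalid announcement signature")
    return ann_t

def receiver_serverid(ann_t, verify=standin_verify):
    """V2 receiver: build the (serverid, ann_dict) pair for the callback."""
    msg, sig, pubkey = ann_t
    ann = json.loads(msg.decode("utf-8"))
    if sig is not None and pubkey is not None and verify(pubkey, sig, msg):
        return pubkey, ann               # signed and valid: serverid is the pubkey
    return tubid_of(ann[FURL_KEY]), ann  # fallback: tubid portion of the FURL

def demo():
    # Constructed sample values, not real keys or FURLs.
    pubkey = "pub-example-key"
    furl = "pb://exampletubid22@127.0.0.1:3456/exampleswissnum"
    msg = json.dumps({FURL_KEY: furl, "permutation-seed-base32": "aaaa"},
                     sort_keys=True).encode("utf-8")
    signed = (msg, standin_sign(pubkey, msg), pubkey)
    unsigned = (msg, None, None)
    tampered = (msg.replace(b"127.0.0.1", b"127.0.0.9"), signed[1], pubkey)
    return signed, unsigned, tampered
```

The signature covers the serialized bytes exactly as received, so the receiver verifies first and only then trusts the parsed dictionary for the pubkey-based serverid.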

