[tahoe-lafs-trac-stream] [Tahoe-LAFS] #2783: remove key-generator

Thu Apr 28 05:59:06 UTC 2016

#2783: remove key-generator
----------------------------+---------------------------
 Reporter:  warner          |          Owner:
     Type:  task            |         Status:  new
 Priority:  normal          |      Milestone:  undecided
Component:  code-nodeadmin  |        Version:  1.11.0
 Keywords:                  |  Launchpad Bug:
----------------------------+---------------------------
 Hey, would anybody object if I ripped out the key-generator?

 This is a standalone process that does nothing but create RSA keypairs for
 people who set `key_generator.furl=` in their tahoe.cfg . It creates them
 in the background so mutable-file creation doesn't need to wait. We built
 this back in the !AllMyData days because we were worried about how long
 clients would block while creating keys.

 I argued against removing it in #542 (in 2008), but I've changed my mind
 since then. I'm no longer really comfortable with users (even !AllMyData-
 style customers) getting their keys from anywhere other than their own
 computers (I shouldn't have been comfortable with it back then either,
 really). Also it's one more daemon that needs a `--location` argument
 (#2773) that I could avoid spending time updating.

 The speed used to bother me too, but on my home workstation (a 2012 Mac,
 2.6GHz i7) the 2048-bit RSA key generation takes 80-90 milliseconds per
 key. Not great, but not a big deal.

 OTOH, on the latest Raspberry Pi (v3 model B, 1.2GHz ARMv8), it takes
 about 1.1 seconds (per key). That's a drag, and I'm still looking forward
 to super-fast !Ed25519-based mutable files, but I don't think there's
 enough demand for an external key-generator to let the RPi speed influence
 our decision.

--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2783>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage