[tahoe-lafs-trac-stream] [Tahoe-LAFS] #3770: Determine where lease renwal secret and cancellation secret come from in post-Foolscap world
Tahoe-LAFS
trac at tahoe-lafs.org
Tue Aug 17 19:24:42 UTC 2021
#3770: Determine where lease renwal secret and cancellation secret come from in
post-Foolscap world
----------------------+---------------------------------------
Reporter: itamarst | Owner: exarkun
Type: task | Status: new
Priority: normal | Milestone: HTTP Storage Protocol
Component: unknown | Version: n/a
Keywords: | Launchpad Bug:
----------------------+---------------------------------------
Apparently these secrets currently are generated by client from "very
loosely, it's a hash of the client secret, the convergence secret, the
storage index, and something called the lease seed". The lease seed is
apparently based on the (server?) tub ID.
Lacking Foolscap, there is no tub ID.
More broadly, the spec needs to document where these secrets come from and
how they are generated, for security audit purposes.
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3770>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list