[tahoe-lafs-trac-stream] [Tahoe-LAFS] #3770: Determine where lease renwal secret and cancellation secret come from in post-Foolscap world

Tahoe-LAFS trac at tahoe-lafs.org
Tue Aug 17 19:24:42 UTC 2021


#3770: Determine where lease renwal secret and cancellation secret come from in
post-Foolscap world
----------------------+---------------------------------------
 Reporter:  itamarst  |          Owner:  exarkun
     Type:  task      |         Status:  new
 Priority:  normal    |      Milestone:  HTTP Storage Protocol
Component:  unknown   |        Version:  n/a
 Keywords:            |  Launchpad Bug:
----------------------+---------------------------------------
 Apparently these secrets currently are generated by client from "very
 loosely, it's a hash of the client secret, the convergence secret, the
 storage index, and something called the lease seed". The lease seed is
 apparently based on the (server?) tub ID.

 Lacking Foolscap, there is no tub ID.

 More broadly, the spec needs to document where these secrets come from and
 how they are generated, for security audit purposes.

--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3770>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage


More information about the tahoe-lafs-trac-stream mailing list