[tahoe-lafs-trac-stream] [Tahoe-LAFS] #3875: Server/client code for HTTP storage protocol fURLs
Tahoe-LAFS
trac at tahoe-lafs.org
Tue Mar 1 15:34:11 UTC 2022
#3875: Server/client code for HTTP storage protocol fURLs
----------------------+---------------------------------------
Reporter: itamarst | Owner: itamarst
Type: task | Status: new
Priority: normal | Milestone: HTTP Storage Protocol
Component: unknown | Version: n/a
Keywords: | Launchpad Bug:
----------------------+---------------------------------------
A HTTP storage fURL looks like `pb://i5xb...@example.com:443/g3m5...#v=1`,
where `i5xb...` is the sha256 of the Subject Public Key Information. The
`g3m5...` is the swissnum; the `#v=1` means it's HTTP.
On the server-side:
1. The HTTP server should be able to listen with TLS, given paths to key
file and certificate file. (It already accepts the swissnum.)
2. It should provide an API that returns the fURL in above format.
On the client-side:
1. The client should be able to determine the host/port to connect to from
a fURL.
2. Upon connecting, the client should verify:
1. Expiration date of certificate; it hasn't expired.
2. That the public key in the certificate has SPKI signature the
matches the one in the fURL.
3. That the certificate was signed by the private key (i.e. self-
signed).
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3875>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list