#1874 closed defect (invalid)

Non-Repudiation Not covered in Integrity

Reported by: calltodsi Owned by: Narendiran
Priority: major Milestone: eventually
Component: code-frontend-cli Version: 1.9.2
Keywords: https security integrity confidentiality Cc: narendiran_c@…
Launchpad Bug:

Description

I have been testing the LAFS-Tahoe V1.9.2 package. It is observed that during the user/storage-server uploading and downloading (files) processes, one critical link is missing that is required to track data stored in cloud storage.

Though communication is happening over SSL, a user/server may refuse the sender's/receiver's certificate. So any one of them could be malicious.

At least there should be a signed message digest.

So, while uploading a document, how can a user trust the Storage Server?

Change History (8)

comment:1 Changed at 2012-11-22T07:25:02Z by davidsarah

  • Keywords security integrity added; Mutable Integrity non-repudiation lack removed
  • Priority changed from supercritical to major

Duplicate of #1422.

Note that "supercritical" priority is only for things that require an immediate point release.

comment:2 Changed at 2012-11-22T07:28:06Z by davidsarah

  • Component changed from code-mutable to code-frontend-cli
  • Keywords https confidentiality added
  • Milestone changed from 1.11.0 to eventually
  • Resolution set to duplicate
  • Status changed from new to closed

comment:3 Changed at 2012-11-22T07:30:50Z by davidsarah

By the way, the relevant security property here isn't nonrepudiability. That would be the inability for the server to deny that it had performed some operation. SSL/TLS does not provide nonrepudiability.

comment:4 follow-up: Changed at 2012-11-22T07:46:32Z by calltodsi

Do you mean that non-repudiability is not one of the security properties of LAFS? And is it not covered in LAFS?

comment:5 in reply to: ↑ 4 Changed at 2012-11-22T22:47:46Z by davidsarah

Replying to calltodsi:

> Do you mean that non-repudiability is not one of the security properties of LAFS? And is it not covered in LAFS?

That's right. Are you sure you're not confusing it with another property? Nonrepudiability is normally relevant only for things like contract signing, where a party wants to make a binding commitment that can be verified by anyone who has their public key. I don't think I've seen any storage system that provides it -- although of course you can store signed documents in Tahoe-LAFS.

comment:6 Changed at 2012-11-22T22:51:28Z by davidsarah

Ah, do you mean how can a client know which servers are in a grid?

comment:7 Changed at 2012-11-22T22:51:48Z by davidsarah

  • Resolution duplicate deleted
  • Status changed from closed to reopened

comment:8 Changed at 2013-01-04T21:34:29Z by zooko

  • Resolution set to invalid
  • Status changed from reopened to closed

I'm not sure what this ticket is about. How about if I close it and then calltodsi can re-open it and say what is the security property that he wants to ensure, such as "I want to ensure that a client can tell which servers are on the grid." or "I want to ensure that a client only connects to certain servers." or something.
