Opened at 2021-08-17T19:24:42Z
Closed at 2021-08-18T16:00:11Z
#3770 closed task (duplicate)
Determine where lease renwal secret and cancellation secret come from in post-Foolscap world
| Reported by: | itamarst | Owned by: | exarkun |
|---|---|---|---|
| Priority: | normal | Milestone: | HTTP Storage Protocol |
| Component: | unknown | Version: | n/a |
| Keywords: | Cc: | ||
| Launchpad Bug: |
Description
Apparently these secrets currently are generated by client from "very loosely, it's a hash of the client secret, the convergence secret, the storage index, and something called the lease seed". The lease seed is apparently based on the (server?) tub ID.
Lacking Foolscap, there is no tub ID.
More broadly, the spec needs to document where these secrets come from and how they are generated, for security audit purposes.
Change History (1)
comment:1 Changed at 2021-08-18T16:00:11Z by itamarst
- Resolution set to duplicate
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
Superseded by #3774.