id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	launchpad_bug
955	use client-side storage to defend against rollback attack	zooko		"As mentioned in http://www.mail-archive.com/cryptography@metzdowd.com/msg10865.html , clients which have previously viewed a mutable file or directory could remember the version number that they had already seen and refuse to accept an earlier version number after that. This would prevent rollback attack whenever that client-side storage was carried from the first read to the next.

The client-side storage of the version numbers could be integrated with the backupdb, which already likes to remember a few facts about files and directories in order to optimize backups. (And eventually perhaps restores and ""mirrorings"" and reads and writes as well.)"	enhancement	new	major		code-mutable	1.6.0		integrity newcaps rollback