* Matthew Toseland <[EMAIL PROTECTED]> [2007-04-14 13:24:17]: > On Sat, Apr 14, 2007 at 01:03:18PM +0200, Florent Daignière (NextGen$) wrote: > > * Florent Daignière (NextGen$) <[EMAIL PROTECTED]> [2007-04-14 12:58:29]: > > > > > In the long term we will ask the client to send us a salted hash of the > > > full content in ClientPuts so that we can ensure it has read access to > > > the file. Toad wants that the node chooses the salt and that it is not > > > predictable ... it involves using a challenge/response mechanism > > > => more complexity won't be implemented "soon" > > > > > > I am convinced we need the hash to be salted but I'm not convinced that > > > we have to randomize it on a per-request basis : We could send an > > > identifier in the NodeHello message and ensure it matches the salt. > > > @toad any problem with that approach ? > > > > > > If there isn't any I might implement it soon. > > > > > > > In fact we might even ask for H( NodeHello.id + Client(Put|Get).id, > > content) so that it would be unique ... provided we keep track of > > identifiers when requests are terminated. > > What's this NodeHello.id ? You mean ClientHello.name ? That's chosen by > the client.
NodeHello is the reply the node gives after a ClientHello ... a new field we would introduce.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl