> Anyone feel like adding requests for just metadata to freenetlib.py?
Keep in mind this is a server issue. We probably need to decide what a
metadata-only request looks like. Personally, I think it should work like
this:
On a normal DataRequest, the client includes the flag
"Metadata-only" (perhaps this name isn't very good?) set to "yes".
Then on DataReply, the flag "Metadata-length" is discarded, and the first
18+Metadata-length bytes are streamed to the client. The size of the
document should also appear to be 18+Metadata.length.
Basically, it should be impossible to tell on the return path whether a
document or only the metadata of the document was returned. An adversary
seeing a metadata return (assuming he is seeing the stream at all,
since its encrypted) would believe he is seeing the results for a document
of 18+Metadata-length bytes with no metadata, or he could *guess* that its
a metadata-only request.
This may add no real security, but I just enjoy being mean to Eve.
Scott
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20000603/ac860abb/attachment.pgp>
