On Thu, 4 May 2000, Oskar Sandberg wrote:

> We have discussed this previously. A simple password scheme does not work for
> updating data on Freenet, even if the password can be validated because it
> appeared in hashed form in the previous version. The problem is that some node
> must get the update first, and then, having the password, that node can
> replace your data with anything else on all the other nodes.

Granted, this approach puts a degree of trust in the node(s) receiving the update. It brings up another issue though. When the author inserts the initial revision, does he not have to trust the server nodes to not alter his data? If I (or a server) request a key for the first time, do I have any way to know if the server sending the key is really sending what it received? Or could that node alter the data without anyone being the wiser? There could also be the rare instance of two people inserting the same key at the same time on different servers.

If I was the author I could sign the document with a cryptographic key which the reader would have to obtain and validate out of band (i.e. get my public key via email) or make the SHA1 hash some way publicly known. I would do this for revisions also.

Yes, the hash idea may not be a solution for updates, but it has been noted that it is secure for deletes. As an update solution it is weak, but not the weakest link in the chain as that would be the original insert. Do some of the voting schemes address this? Somewhat. But they would also apply to updated data as well.

> Updating documents has to require asymmetric crypto because you have
> to be able to identify yourself as the previous author without giving
> them a chance to identify themselves as the authors.

As long as the original was not altered by a server along the way.

> And whatever sense there was in Greg Retkowski's post I did not find
> myself very interested in, seeing as it was overshadowed by his
> complete ignorance and arrogance as to the rest of Freenet and our
> goals.

I appreciate your understanding and helpful comments; perhaps I should have stated in my earlier message that I have just joined the mailing list and am therefore at a loss as to what has already been discussed. Oh wait, I did say that.

I think in the end some form of revision based update system is probably the most flexible.
It still leaves the sticky problem of how new revisions get 'discovered' by nodes though.

-- Greg

Greg Retkowski                       Mail: greg at rage.net
Raging Network Services              URL: http://www.rage.net/
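The point argued in the quoted text, as an added example that is not part of the original message or of Freenet's code: a revealed password authorizes any content, while a signature is bound to the content it covers. The function names, sample strings, and the use of a Lamport one-time signature as a standard-library stand-in for asymmetric crypto are assumptions made for illustration.

```python
import hashlib
import os

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

# Scheme 1: hashed password. The previous version carries H(password);
# an update is accepted if it reveals a matching password.
def pw_verify(prev_commitment: bytes, password: bytes, new_data: bytes) -> bool:
    # new_data plays no part in the check: the password is not bound to content.
    return H(password) == prev_commitment

# Scheme 2: Lamport one-time signature (hash-based, illustration only).
def lamport_keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def digest_bits(data: bytes):
    d = H(data)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, data: bytes):
    # Reveal one secret per digest bit; the revealed set depends on the content.
    return [sk[i][bit] for i, bit in enumerate(digest_bits(data))]

def lamport_verify(pk, data: bytes, sig) -> bool:
    bits = digest_bits(data)
    return len(sig) == 256 and all(H(s) == pk[i][bits[i]] for i, s in enumerate(sig))

def demo():
    author_update = b"revision 2 by author"        # constructed sample
    substituted = b"content swapped by first node"  # constructed sample

    # Password scheme: the first node to relay the update sees the password
    # and can attach it to different content.
    password = b"constructed-secret"
    commitment = H(password)                        # stored in revision 1
    pw_author_ok = pw_verify(commitment, password, author_update)
    pw_swap_ok = pw_verify(commitment, password, substituted)

    # Signature scheme: the relaying node sees the signature, but it only
    # verifies against the content the author signed.
    sk, pk = lamport_keygen()                       # pk stored in revision 1
    sig = lamport_sign(sk, author_update)
    sig_author_ok = lamport_verify(pk, author_update, sig)
    sig_swap_ok = lamport_verify(pk, substituted, sig)
    return pw_author_ok, pw_swap_ok, sig_author_ok, sig_swap_ok

if __name__ == "__main__":
    print(demo())
```

Both schemes still depend on the first revision arriving unaltered, which is the concern raised in the reply above: a verifier needs the commitment or public key from a source it trusts.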
