* Florent Daigni?re (NextGen$) <nextgens at freenetproject.org> [2007-04-14 12:58:29]:
> In the long term we will ask the client to send us a salted hash of the > full content in ClientPuts so that we can ensure it has read access to > the file. Toad wants that the node chooses the salt and that it is not > predictable ... it involves using a challenge/response mechanism > => more complexity won't be implemented "soon" > > I am convinced we need the hash to be salted but I'm not convinced that > we have to randomize it on a per-request basis : We could send an > identifier in the NodeHello message and ensure it matches the salt. > @toad any problem with that approach ? > > If there isn't any I might implement it soon. > In fact we might even ask for H( NodeHello.id + Client(Put|Get).id, content) so that it would be unique ... provided we keep track of identifiers when requests are terminated. NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20070414/35e2e8df/attachment.pgp>
