[Ndn-interest] repo-ng and least-authority storage
Lixia Zhang
lixia at cs.ucla.edu
Sun Jul 2 12:59:15 PDT 2017
> On Jun 27, 2017, at 8:32 PM, Corbin <cds at corbinsimpson.com> wrote:
>
> Oh, I forgot redundancy! Let's say that I want to run three repos in different availability zones; can I have them all synchronize with each other somehow?
>
> Peace,
> ~ C.
looks like no one has responded yet, so let me throw in a stone in a hope to attract jade ;-)
from your msgs it's not exactly clear what are the security goals you want to achieve.
for your 2 specific questions:
1/ one does not need to trust storage servers; the NAC TR specifically discussed this issue and suggested a solution
https://named-data.net/wp-content/uploads/2016/02/ndn-0034-2-nac.pdf
2/ one can sync up distributed repos using an NDN sync protocol.
several exist, ChronoSync got used most.
> ------ Original message------
> From: Corbin
> Date: Tue, Jun 27, 2017 19:37
> To: ndn-interest at lists.cs.ucla.edu;
> Cc:
> Subject:[Ndn-interest] repo-ng and least-authority storage
>
> Hi,
>
> I want to know if the following security design is provider-independent; that is, whether it still holds even if I don't trust the NDN nodes running repo-ng.
>
> To make a cap for a file, generate a secret key and nonce, use libsodium to put the file in a box with the key and nonce, and finally, insert the box in a repo with a random name. The name, key, and nonce form a capability for the file; the capability is necessary and sufficient for file retrieval.
>
> This is a lot less work than Tahoe-LAFS has to put in! Would it really work?
>
> Peace,
> ~ C.
> _______________________________________________
> Ndn-interest mailing list
> Ndn-interest at lists.cs.ucla.edu
> http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest
More information about the Ndn-interest
mailing list