[freehaven-dev] an implementation issue (comm/haven)

[Roger R Dingledine <arma@mit.edu>]

starting to grapple with making all of this interwork well.
when a document_request is done, they send a message to the comm module
with "key of document, key of person, reply block", and the comm module
dutifully passes it to the haven module without looking at it.

So the haven module starts shoving out some number of messages, one per
share, to the comm module, saying "please get this pile of bits to so-and-so".

I believe we decided earlier that the haven module would be doing the signing,
as well as the encrypting?

I guess the only stickler is that your mixnet API only has support for
"send this pile of bits to servnet Y", but in the case of a document request,
the recipient isn't a servnet node.

Are we ok? Should all of this still be happening on the haven side?

If so, this is how it'll work:

comm sends opaque message to haven. haven parses it into "this is a document
request, for this key, reply using this key, and tell the comm module this
pile of bits for it to arrive there." haven passes it to the sharedb function
(also inside haven), which hashes the first key, looks up the shares involved,
optionally signs/encrypts them (right?), then shoves some stuff out to the
comm module in the form "get this to the following address (and i don't know
how to read the address)".

The next question is, if shares are huge, does anybody really want to be
keeping them in ram as strings? Or should each intermediate stage be
building a file and then handing around a filename between modules?

It is becoming more and more appealing to never actually "load" a file in
the haven module, but merely hand around filenames. Should comm consider
doing this too?

--Roger