[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[freehaven-dev] a question for the comm people


In order to retrieve a file, a client must first know the $PK$ which
was used to sign the shares.  He learns this from a post to Usenet or
some similar external means (or because he was the original author of
the document) -- see Section \ref{sec:directories} on how to integrate   
Directory Services with Free Haven.  From here, he must locate a servnet 
server that is willing to do the query for him.  The server can be 
contacted over its remailer address, but presumably there will be public
cgi's available which automate the process of doing the document query.
The client comes up with a key pair ${PK,SK}$ for this transaction, as
well as a remailer reply block.  The servnet server does a broadcast of
``(`request', $PK_{file}$, $PK_{client}$, reply block)'' (signed by this
servnet node -- is this signature necessary?) to all servnet nodes that it
knows about.

so...is this signature necessary? i'd like to think no, but i have
this niggling recollection that we came up with some nice attacks
if he doesn't sign it.