The only SHA-1 hash that remains is used in the permutation of nodeids,
where we need to decide if we care about performance or long-term security.
I suspect that we could use a much weaker hash (and faster) hash for
this purpose. In the long run, we'll be doing thousands of such hashes
for each file uploaded or downloaded (one per known peer).
and change zfec/setup.py's invocation of ez_setup to require 0.6a9 (which happens to be the default
version installed by apt-get on dapper machines) while leaving the default (desired) version at 0.6c5
This (compatibility-breaking) change moves much of the validation data and
encoding parameters out of the URI and into the so-called "thingA" block
(which will get a better name as soon as we find one we're comfortable with).
The URI retains the "storage_index" (a generalized term for the role that
we're currently using the verifierid for, the unique index for each file
that gets used by storage servers to decide which shares to return), the
decryption key, the needed_shares/total_shares counts (since they affect
peer selection), and the hash of the thingA block.
This shortens the URI and lets us add more kinds of validation data without
growing the URI (like plaintext merkle trees, to enable strong incremental
plaintext validation), at the cost of maybe 150 bytes of alacrity. Each
storage server holds an identical copy of the thingA block.
This is an incompatible change: new messages have been added to the storage
server interface, and the URI format has changed drastically.
Unfortunately this doesn't make the O(n) memory usage go away. It might reduce the constants -- I'm not sure. I look forward to enhancement #54 -- memory usage tests!
Rather than use separate client.pem and introducer.pem files, use 'node.pem'
for all nodes regardless of what type it is. This is slightly cleaner, but
introduces a compatibility. Users who upgrade to this change should do
'mv client.pem node.pem' to avoid generating a new certificate and thus
changing their TubID.
Actually of course iputil can't tell exactly how good they are, and a wise user
of iputil will try all of them. But you can't try all of them simultaneously,
so you might as well try the best ones first.
