Return-Path: william@bourbon.usc.edu Delivery-Date: Sat Apr 21 22:45:34 2007 X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on merlot.usc.edu X-Spam-Level: X-Spam-Status: No, score=-3.3 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, NO_REAL_NAME autolearn=ham version=3.1.3 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.13.5/8.13.5) with ESMTP id l3M5jYRb025727 for ; Sat, 21 Apr 2007 22:45:34 -0700 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.13.5/8.13.5) with ESMTP id l3M5jLgU004087 for ; Sat, 21 Apr 2007 22:45:21 -0700 Message-Id: <200704220545.l3M5jLgU004087@bourbon.usc.edu> To: cs551@merlot.usc.edu Subject: Re: About delete Date: Sat, 21 Apr 2007 22:45:21 -0700 From: william@bourbon.usc.edu Someone wrote: > You said : > START QUOTE================================= > You should see that the following 3 lines are visible to your > program: > > FileName=... > SHA1=... > Nonce=... > > So, you can extract the FileName, SHA1, and Nonce values from > a signed File Spec *before* to try to verify any digital > signatures. Then you can use, say, the SHA1 index structure > to find all files with the same SHA1 files, open their > metadata files and find a subset that has the same Noce > (hopefullly, there is only one such file since you should not > have duplicates), then apply the corresponding certificate > file to verify digital signature. > > ===================END QUOTE > > We still have to match the filename if all the above is > found to be matching? You need to find the file number in your mini-filesystem that has exactly the same FileName, SHA1, and Nonce. -- Bill Cheng // bill.cheng@usc.edu ----- Original Message ----- From: william@bourbon.usc.edu Date: Tuesday, April 17, 2007 7:36 pm Subject: Re: About delete To: cs551@merlot.usc.edu > Someone wrote: > > > I am not clear how the delete works? > > When a node gets a delete packet it verifies it with all the > .pem files > > he has in his home directory and then matches the > contents(file name, > > sha1, nonce) provided in the delete packet > > nad then deletes the file.. > > is it the right flow isn't it very inefficient or am I > missing something? > > This is inefficient. If you look at the sample signed File Spec: > > http://merlot.usc.edu/cs551-s07/projects/cert/signed.txt > > You should see that the following 3 lines are visible to your > program: > > FileName=... > SHA1=... > Nonce=... > > So, you can extract the FileName, SHA1, and Nonce values from > a signed File Spec *before* to try to verify any digital > signatures. Then you can use, say, the SHA1 index structure > to find all files with the same SHA1 files, open their > metadata files and find a subset that has the same Noce > (hopefullly, there is only one such file since you should not > have duplicates), then apply the corresponding certificate > file to verify digital signature. > -- > Bill Cheng // bill.cheng@usc.edu >