From 5cd3e3b6a986ea955099ba635a4b12071f8faa4a Mon Sep 17 00:00:00 2001 From: ClashTheBunny <> Date: Mon, 18 Mar 2013 08:12:18 +0000 Subject: [PATCH] Convert to RST from Marlow [Imported from Trac: page Convergence Secret, version 3] --- Convergence Secret.md | 58 ++++++++++++++++++++++++++++++++----------- 1 file changed, 43 insertions(+), 15 deletions(-) diff --git a/Convergence Secret.md b/Convergence Secret.md index fc1b6af..26c6fdd 100644 --- a/Convergence Secret.md +++ b/Convergence Secret.md @@ -1,29 +1,57 @@ -# Convergence Secret +```#!rst +What Is It? +----------- -## What Is It? +A file's capability is derived from two pieces of information on +upload: The content of the file and the upload node's "convergence +secret". By default, the convergence secret is randomly generated by the +node when it first starts up, then stored in the node's base directory +(/private/convergence) and re-used after that. So the +same file content uploaded from the same node will always have the same +cap string. Uploading the file from a different node with a different +convergence secret would result in a different cap string—and in a +second copy of the file's contents stored on the grid. If you want files +you upload to converge (also known as "deduplicate") with files uploaded +by someone else, just make sure you're using the same convergence secret +as they are. -A file's capability is derived from two pieces of information on upload: The content of the file and the upload node's "convergence secret". By default, the convergence secret is randomly generated by the node when it first starts up, then stored in the node's base directory (/private/convergence) and re-used after that. So the same file content uploaded from the same node will always have the same cap string. Uploading the file from a different node with a different convergence secret would result in a different cap string—and in a second copy of the file's contents stored on the grid. If you want files you upload to converge (also known as "deduplicate") with files uploaded by someone else, just make sure you're using the same convergence secret as they are. +The advantages of deduplication should be clear, but keep in mind that +the convergence secret was created to combat snooping. For example, with +a convergence secret and a file, I can generate a file capability that +would allow me to determine that you have uploaded a file to the grid. +This isn't a big deal for things that are personally produced, but is a +big deal for commonly known things that you want to keep secret that you +know about. Examples would be a Bible in China or The Anarchist's +Cookbook at the High School that I went to. Here's the details of the +origin of the convergence secret: `Convergence Secret Justification`_ -The advantages of deduplication should be clear, but keep in mind that the convergence secret was created to combat snooping. For example, with a convergence secret and a file, I can generate a file capability that would allow me to determine that you have uploaded a file to the grid. This isn't a big deal for things that are personally produced, but is a big deal for commonly known things that you want to keep secret that you know about. Examples would be a Bible in China or The Anarchist's Cookbook at the High School that I went to. Here's the details of the origin of the convergence secret: [Convergence Secret Justification](https://tahoe-lafs.org/hacktahoelafs/drew_perttula.html) +.. _`Convergence Secret Justification`: + -## What If I Change My Convergence Secret? +What If I Change My Convergence Secret? +--------------------------------------- -All your old file capabilities will still work, but the new data that you upload will not be deduplicated with the old data. If you upload all of the same things to the grid, you will end up using twice the space until garbage collection kicks in, if it's enabled. As one user put it, it would move the node where you change the convergence secret into a new deduplication domain. +All your old file capabilities will still work, but the new data that +you upload will not be deduplicated with the old data. If you upload all +of the same things to the grid, you will end up using twice the space +until garbage collection kicks in, if it's enabled. As one user put it, +it would move the node where you change the convergence secret into a +new deduplication domain. -## How To Use It +How To Use It +------------- To enable deduplication between different clients, **securely** copy the convergence secret file from one client to all the others. -For example, if you are on host A and have an account on host B -and you have scp installed, run: +For example, if you are on host A and have an account on host B and you +have scp installed, run: -``` -scp ~/.tahoe/private/convergence my_other_account@B:.tahoe/private/convergence -``` + *scp ~/.tahoe/private/convergence +> my_other_account@B:.tahoe/private/convergence* -If you have two different nodes on a single computer, say one for each disk, you would do: +If you have two different nodes on a single computer, say one for each +disk, you would do: -``` -cp /tahoe1/private/convergence /tahoe2/private/convergence + *cp /tahoe1/private/convergence /tahoe2/private/convergence* ``` \ No newline at end of file