From 821c316a6610482eb97375ff01654e7288f6f35d Mon Sep 17 00:00:00 2001
From: warner <>
Date: Mon, 30 Jun 2008 20:20:10 +0000
Subject: [PATCH] start transcribing notes from last week

[Imported from Trac: page AccountingDesign, version 2]
---
 AccountingDesign.md | 50 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/AccountingDesign.md b/AccountingDesign.md
index 82c0c66..ea48dd1 100644
--- a/AccountingDesign.md
+++ b/AccountingDesign.md
@@ -1 +1,51 @@
 This is a place to share our work on the Accounting task.
+
+# Accounting
+
+Tahoe-1.1 is lacking a significant feature: the ability for the admin of a
+storage server to keep track of how much disk space is being used by various
+clients. Friendnet operators can use this information to see how much their
+friends are using (and perhaps ask them to use less). Commercial grid
+operators can use this to bill customers according to how much space they
+use, or to limit them to a pre-defined plan ("1GB maximum"). (related
+tickets: #119)
+
+Tahoe needs better handling of disk-full situations (related tickets: #390),
+but this is a server-wide issue, whereas Accounting is specifically per-user.
+
+## Potential Requirements
+
+Here is a list of potential requirements, in no particular order of when (or
+if) we actually need them to be completed:
+
+ 1. only grant space to approved clients: "Larry the Leech" should not be
+    able to upload files or cause existing files to be retained
+ 2. be able to answer the question "How much space is Bob using?"
+   2a. asking this question about a single server (friendnet)
+   2b. asking this question system-wide: summed across all storage servers (commercial grid)
+ 3. prior restraint: prevent Bob from consuming more than X bytes per server
+ 4. disable a previously-allowed account / revocation
+ 5. expiration: revoke permission after some amount of time, unless explicitly renewed
+ 6. delegation: if Bob has permission, he can grant some to Little Bobby Junior
+   6a. subdivision / resellers : commercial grid operator grants space to a business partner
+   6b. repair caps: clients delegate limited upload authority to a repairer
+   6c. renewal cap: clients delegate lease-renewal authority
+   6d. helper: clients enable the helper to upload files for them
+ 7. auditing: who owns this share, how did they get permission to upload it
+ 8. reconcilliation / garbage collection : which shares does Bob own?
+
+## Immediate Goals
+
+We've established a smaller set of goals for the next few releases:
+
+ * 1.2 (august 08):
+   * be able to answer "how much does Bob store?"
+   * deny service to Larry The Leech
+   * enable accounting in both friendnet and commercial grids
+   * enable accounting in webapi and helper interfaces
+
+ * 1.3 (september?)
+   * be able to enumerate Bob's shares, for reconcilliation
+
+ * next after that
+   * more generalized delegation