
Re: Data Haven problems


> Any ideas on how to guard against mailbombs, and to confirm to the sender
> that their files are stored successfully?  Perhaps do a mailing with
> a test command that validates the existence of the file, and sends a
> reply back whether the file is okay or not, or would this result in a
> possible security hole?

To solve problem #1, use digital postage of some form. Digicash, FV,
Tacky Tokens, Mountain Dew futures... just require a per-storage-unit
charge _to initially check in the file_. You can of course charge for
storage over time, too.

To solve problem #2, send an MD5 hash of the file back to the sender.
Ideally, you would also provide (in perl, C source, csh, or whatever)
a submission script which outputs an MD5 hash before the file is sent.
As long as the before-sending hash matches the hash returned by the
haven, you can assume that the file is intact.

> Lastly, instead of postage (like a remailer would get), how hard would it
> be to implement "rent" where if the "rent" is not paid, and a grace period
> has elapsed the file would be trashed.  All this while preserving the
> anonymity of the sender and the data haven site.

Not very. Use a dbm database to map "rent due" dates by file, then
periodically sweep through the database.

> As to the code, this will have to be my second rewrite as I am going to
> do it in perl code, rather than C...  last rewrite was from a daemon to
> a program activated by a .forward file.

Perl has the nice property of being fairly portable, too.

-Paul

-- 
Paul Robichaux, KD4JZG       | Good software engineering doesn't reduce the 
[email protected]            | amount of work you put into a product; it just 
Not speaking for Intergraph. | redistributes it differently.
		  ### http://www.intergraph.com ###

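
An added example, not part of the original message or the poster's code: the hash receipt and the dbm "rent due" sweep described in the reply above, written in Python rather than the Perl the thread plans to use. The seven-day grace period, the function names, and storing each file under its own hash are assumptions; MD5 is kept because the message names it, and the algorithm is a parameter.

```python
import dbm
import hashlib
import os
import time

GRACE_SECONDS = 7 * 24 * 3600  # assumed grace period; the message gives no figure


def digest(data, algo="md5"):
    """Hash the sender computes before mailing the file (MD5, as in the message)."""
    return hashlib.new(algo, data).hexdigest()


def check_in(db_path, store_dir, data, paid_until):
    """Haven side: store the file, record when rent is due, return the receipt hash."""
    receipt = digest(data)
    # Naming the file by its hash keeps sender-chosen names off the disk, and
    # the rent database then holds no sender identity, only hash -> due date.
    with open(os.path.join(store_dir, receipt), "wb") as fh:
        fh.write(data)
    with dbm.open(db_path, "c") as db:
        db[receipt] = str(int(paid_until))
    return receipt


def pay_rent(db_path, receipt, paid_until):
    """Move the due date for a stored file; False if the haven holds no such file."""
    with dbm.open(db_path, "c") as db:
        if receipt not in db:
            return False
        db[receipt] = str(int(paid_until))
        return True


def sweep(db_path, store_dir, now=None):
    """Periodic pass: trash every file whose rent is overdue past the grace period."""
    now = time.time() if now is None else now
    trashed = []
    with dbm.open(db_path, "c") as db:
        for key in list(db.keys()):  # copy the keys: entries are deleted in the loop
            if int(db[key].decode()) + GRACE_SECONDS < now:
                name = key.decode()
                try:
                    os.remove(os.path.join(store_dir, name))
                except FileNotFoundError:
                    pass  # file already gone; still drop the stale record
                del db[key]
                trashed.append(name)
    return trashed
```

The sender compares `digest()` of the local copy with the receipt the haven mails back; a mismatch means the file was damaged or altered in transit or in storage.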