[mythtv-users] Mooting architecture for a DataDirect replacement

Jay R. Ashworth jra at baylink.com
Mon Jun 25 15:57:17 UTC 2007


On Mon, Jun 25, 2007 at 10:48:24AM -0400, Rod Smith wrote:
> On Monday 25 June 2007 09:53, Jay R. Ashworth wrote:
> > On Sun, Jun 24, 2007 at 01:11:17PM -0400, Rod Smith wrote:
> >
> > I'm of two minds about whether the location of the public key should be
> > *in* the message; I suspect not, though a digest of the public key
> > could be usefully included.
> 
> If either the public key or its location is in the message, then that sort of
> defeats the purpose of key-signing the message -- anybody who wanted to could
> create a malicious set of changes, sign them, post them, and they'd all check
> out OK. For this side of things, I think you'd need a central Web site
> (possibly with mirrors) to host public keys, possibly grouped into different
> categories. Client software could then be configured to accept keys in
> certain categories or specific sets of keys.

Well, you have to decide what potential attacks you care about.

Yes, you're right, it can't go in the packets.

But I think stations posting them on their own websites ... and then
perhaps someone(s) aggregating them into a directory, certainly.

> > > > And there's still nothing you can do about a posting that never
> > > > arrives.
> > >
> > > *ONCE AGAIN*: There's par2, which is designed for precisely this
> > > purpose.
> >
> > Yeah, but given the possibility of multiple valid update sources for a
> > given program's data (which is a possibility I admit I probably haven't
> > mentioned until now, but that I think would be useful in several
> > circumstances including those noted above)... I don't think we can.
> >
> > Or at least, not authoritatively.
> 
> I don't think there's anything about par2 that requires the
> checksum/correction posts need to come from the same source as the originals.

Hmmm...

> In principle, you could have a program watching a reliable NNTP server that
> downloads the posts, creates par2 files every now and then, and posts them.

I see.  And if your mesh is tight... Nice.

> The trickiest part to planning this, as far as I can see, is in figuring out
> what to include in the par2 posts. You'd have to use some sort of algorithm
> that would make it easy for clients with missing data they want to recreate
> to figure out which par2 posts to download, and which regular files they'd
> need to retrieve.

Yeah.

> It could be easier to just maintain a separate server (HTTP, FTP, NNTP, or
> whatever) that's open to all but intended only for retrieving missing posts.

Well, I think that's inherent in commercial NNTP service, no?  There's
a fixed event horizon: people only schedule out 2 or 3 weeks, and
postings hard-expire 6 hours after airtime, or less.  I don't think the
traffic load would be too painful for supernews.

Cheers,
-- jra
-- 
Jay R. Ashworth                   Baylink                      jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com                     '87 e24
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274


More information about the mythtv-users mailing list