couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benoit Chesneau <bchesn...@gmail.com>
Subject Re: Proposal for digital signatures of documents
Date Thu, 12 Mar 2009 14:20:35 GMT
2009/3/8 Jens Alfke <jens@mooseyard.com>:
> I think something like this would be nearly mandatory in a fully-distributed
> usage of CouchDB, a network of nodes that cannot all trust each other. The
> only way to trust the documents being replicated through the system is for
> each document to independently assert its creator and its integrity. That's
> what signatures give you.
>

Ok so with this this system you know that person X has signed this doc
and is its author. But how do you trust person X ? How do you tell to
your node that it can trust X and all its document or refuse this doc
because it don't know person X ? Technically I thought to maintain per
Node and maybe per db a list of known identities in a database (or
maybe on a file). But how could you invite other nodes to trust
authors you trust ?


On the other hand , in a distributed system i think that we need to
identify who was the author, which is allowed by your method, but also
identify who can read, edit this document and keep history of
modifications across authors / nodes to validate final doc. Think it's
important, in particularly in organisations that need to track
documents' flow. Maybe we could add public signature of targeted nodes
in signature ? So each node could validate doc during replication ? We
would have something like :

"signature": {
   "signed": ...
  ...
   "to": [
      { "algo": ..., "bits": ..., "data":.... }, ...
   ]
}

(maybe signed could be renamed "from") and a property history to the doc :

"history": [
   { "date": ..., "node_uri": ..., "node_signature" ... }
]

each time you add a new target "to" updated. to can became too large,
so maybe having only last target and add them to history
(previous_targets property) is enough.


That's the idea, what do you think about it ?

- benoƮt

Mime
View raw message