incubator-couchdb-user mailing list archives

From Filipe David Manana <fdman...@apache.org>
Subject Re: security & attachments & replication & hashing
Date Sat, 28 Aug 2010 18:38:01 GMT
Hi Samuel,

Exposing the md5 hash in attachment properties is more or less
trivial, but not yet done. Ticket 687 was more or less forgotten
(nobody else asked for the feature or commented on it).

Please, leave your comment there and/or vote for it.
I'll implement it if nobody else has votes against the feature.

Thanks for "resurrecting" the ticket.

As for the MITM attacks in replication, I don't think that exposing a
hash/digest would prevent them, as an attacker could inject his own
hashes/digests. I think the way to go is through SSL (although not
perfect of course).

cheers

On Sat, Aug 28, 2010 at 2:42 AM, sgoto <samuelgoto@gmail.com> wrote:
>
> hi couchdb-users,
>     do we have any plans on implementing sha1/md5 hashing of attachments and sending
> it to validate_doc_update ? how are developers validating couchdb attachments these days (eg
> MITM attacks on replication) ?
>     filipe implemented this recently
> http://svn.apache.org/viewvc?view=revision&revision=891077
>     and this seems to have been filed too
> https://issues.apache.org/jira/browse/COUCHDB-687
>     i was wondering if this is already available for me to use or if extra work needs
> to be done. ideas ?
>     cheers, sam
>     PS this is more of a dev@couchdb question, but i'm having problems posting to
> the group and emails bouncing back. anyone else having issues ?
> --
> f u cn rd ths u cn b a gd prgmr !


--
Filipe David Manana,
fdmanana@gmail.com, fdmanana@apache.org

"Reasonable men adapt themselves to the world.
 Unreasonable men adapt the world to themselves.
 That's why all progress depends on unreasonable men."
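
The point made in the reply about in-band digests, as an added example that is not part of the original message or of CouchDB's code: a digest carried in the same unauthenticated message as the attachment catches accidental corruption, but not a modification where the digest is rewritten too. The document layout, field names and the trusted-digest comparison are assumptions made for illustration.

```python
import base64
import hashlib
import hmac  # used only for constant-time string comparison


def md5_digest(data: bytes) -> str:
    """Base64 MD5 of an attachment body (illustrative encoding)."""
    return base64.b64encode(hashlib.md5(data).digest()).decode()


def make_replicated_doc(attachment: bytes) -> dict:
    """Source side: ship the attachment and its digest in one message.
    Constructed document shape, not CouchDB's wire format."""
    return {"_id": "report-1", "attachment": attachment,
            "digest": md5_digest(attachment)}


def corrupt_in_transit(doc: dict) -> dict:
    """Model of accidental damage: body changes, digest field does not."""
    return {**doc, "attachment": doc["attachment"][:-1] + b"?"}


def modify_in_transit(doc: dict, new_body: bytes) -> dict:
    """Model of a plaintext link where both fields can be rewritten."""
    return {**doc, "attachment": new_body, "digest": md5_digest(new_body)}


def in_band_check(doc: dict) -> bool:
    """Target side: compare the body against the digest that came with it."""
    return hmac.compare_digest(md5_digest(doc["attachment"]), doc["digest"])


def trusted_check(doc: dict, trusted_digest: str) -> bool:
    """Target side: compare against a digest obtained over a channel the
    on-path party cannot rewrite (assumption: e.g. an authenticated link)."""
    return hmac.compare_digest(md5_digest(doc["attachment"]), trusted_digest)


if __name__ == "__main__":
    original = make_replicated_doc(b"quarterly figures: 100")  # constructed data
    trusted = original["digest"]
    corrupted = corrupt_in_transit(original)
    modified = modify_in_transit(original, b"quarterly figures: 999")
    print("corrupted, in-band check:", in_band_check(corrupted))
    print("modified, in-band check: ", in_band_check(modified))
    print("modified, trusted check: ", trusted_check(modified, trusted))
```

The in-band check only proves the body and digest are consistent with each other, which is why the reply points to securing the channel itself.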
