[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [rdiff-backup-users] Pretty pictures and new version of proposal
|
From: |
Ben Escoto |
|
Subject: |
Re: [rdiff-backup-users] Pretty pictures and new version of proposal |
|
Date: |
Mon, 29 Sep 2003 12:25:56 -0700 |
On Mon, 29 Sep 2003 08:56:12 +0100
"Spicer, Kevin" <address@hidden> wrote:
> Error Correction...
>
> I mentioned this before, but I don't think anyone responded (so
> either it got lost in the mix or was a stupid idea). I think that
> the each block should be cryptographically signed - because
> otherwise it will be impossible to validate the signature (at the
> end of the archive) without reading the entire archive, this would
> also provide error checking. You don't want to restore any file to
> disk until you've checked the signature, so by signing on the block
> level you permit operation on a stream (a block at a time like gzip
> and bzip2 do). Admittedly this will add a few bytes to each block.
Well, if something like gnupg is used, it already gives you the option
of signing (as well as encrypting) input data, so this method could be
used on all of the blocks. Similarly, I think gzip puts some CRC
check by default into its output. So I think bits getting flipped
will be noticed pretty early.
However, the format is pretty fragile if a block becomes too long or
too short. That would mess up all the lengths and could make the rest
of the archive unreadable. However, other formats like tar don't seem
to be robust in this way either, and maybe those kinds of errors don't
happen very much (?).
--
Ben Escoto
pgpKh_wIri0Bb.pgp
Description: PGP signature