Quote:
Originally posted by Sajma
My suggestion was to make signatures separate files. The description line for a signature file is something like SHA1(signed content)+" signed by "+SHA1(public key of signer), and the content of the signature file is the signature itself. One could generalize this to support certificates that rate files or bind names to keys.
The problem with this is that individual signatures (or certificates) are pretty unpopular items, so they might be hard to find using Gnutella. One way to fix it is to "piggyback" signature files on content files, so that they move around together. Unfortunately, if there are many signatures for a given content file, this is not practical.
Another solution is to observe that each individual only cares about singatures by the people they trust. Therefore, each person should store their own signature files (certificates).
... |
How bout not even having signature files traversing the network? What about using my sharing of database idea.. but then.
SHA-1 Hashes are unique, right? So I couldnt, say, make a movie file or text file with the same hash without extreme difficulty.
Now. What bout making a database like...
|File------------------------|Signer----------|Hash------|Rating----|
|A Perfect Circle- Judith.mp3 | "6YH%%s36t^" | "Ya^h361G^@dsa" | 9
|Deftones- Magdalena.mp3 | "Ag24#61gD!c" | "243(6YHW)51d6" | 8
etc, etc, etc
Okay.
Im burnt. Maybe you can fill in what I am trying to explain. That is, not needing those little files, but using a database, with a trust system.
Quote:
Originally posted by Sajma
Are we offtopic enough yet?
|
Umm... not till the topic turns to porn or warez!