Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 16
1 files changed, 0 insertions, 16 deletions
@@ -1,21 +1,5 @@ * loadLog should verify the hashes (and signatures) in the log, and refuse to use logs that are not valid proofs of a session. -* potential DOS where developer sends Activity Entered that all - refer back to the first Activity Seen. This requires the user - side to keep a Backlog containing all later Activity Seen, so uses - up a lot of memory. - - For this to work, the developer would need to include - in their Activity Entered echoData anticipating all the Activity Seen - that they have generated. This is doable; for example the developer - can send a stream of A's, and then needs to only include the right - amount in the echoData. - - Should probably cap the BackLog to some maximum size to prevent - this kind of DOS. Dropping old items from the BackLog after some - amount of time would also work; after eg 10 seconds it's very - unlikely that a Activity Entered will legitimately refer to an - old backlog item. * Encryption! * Add random nonce to start message, to avoid replay issues. (Or perhaps the encryption derives a RSA key in a way that avoids |
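Review bot: the hunk deletes the whole DoS item (Activity Entered messages that all refer back to the first Activity Seen, forcing the user side to hold an unbounded Backlog), yet the diffstat shows this commit touches only TODO with 0 insertions, so neither the proposed cap on BackLog size nor the time-based expiry of old items is introduced here. If that mitigation landed in another commit, name it in the commit message; otherwise keep the item, or reduce it to a one-line reminder such as "cap BackLog size / drop items older than ~10 seconds", until the fix is actually in the code. The surrounding context items (loadLog verifying hashes and signatures, encryption, a random nonce in the start message) are unchanged and remain open.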