[Server-devel] wwwoffle

Andy Rabagliati andyr at wizzy.com
Wed Feb 6 02:53:27 EST 2008


On Mon, 04 Feb 2008, C. Scott Ananian wrote:

> On Feb 4, 2008 9:23 AM, Andy Rabagliati <andyr at wizzy.com> wrote:
> > * the resulting cache is tarred up and compressed, and sent to the
> >   requestor via UUCP, where it is unpacked.
> >
> > wwwoffle's cache heirarchy makes this possible.
> 
> Hopefully the hierarchy gets flattened at some point, and you don't
> end up with lots of independent caches?

The arrangement is

/var/cache/wwwoffle/http/www.cnn.com/Ubase64-encodedmd5hash (URL)
/var/cache/wwwoffle/http/www.cnn.com/Dbase64-encodedmd5hash (Data)

So it is very flat to start with.

A requested URL is hashed, and checked to see if it is in the directory,
and if the URL matches. I am not sure what happens if there is a hash
collision - maybe it is 'tough luck'.

> > There is a lot of trust involved, with little security at the moment.
> 
> What are the most pressing security issues from your perspective?
> Obviously a malicious person can alter the web traffic enroute; are
> there other issues?

I carry mail as well as web traffic - mail is more sensitive. I would
like to encrypt the UUCP traffic with GPG or something.

The only issue is reading/altering the traffic en-route.

Cheers,  Andy!


More information about the Server-devel mailing list