Re: [Monotone-devel] Re: netsync transport encryption?

[hendrik]

On Wed, Oct 25, 2006 at 09:45:33AM -0400, Cem Karan wrote:
> >Message: 4
> >Date: Wed, 25 Oct 2006 14:28:48 +0200 (CEST)
> >From: Richard Levitte - VMS Whacker <address@hidden>
> >Subject: Re: [Monotone-devel] netsync transport encryption?
> >To: address@hidden
> >Message-ID: <address@hidden>
> >Content-Type: Text/Plain; charset=us-ascii
> >
> >ckaran> Here is my suggestion for what to do:
> >ckaran>
> >ckaran> 1) The initiating side generates a random session key,
> >ckaran>    encrypts it with the receiving sides public key, and sends
> >ckaran>    it on to the receiving side.
> >ckaran> 2) The receiving side does exactly the same thing back.  This
> >ckaran>    solves the really weird race condition where both sides
> >ckaran>    want to initiate communications at the same time.
> >
> >Do we have the race condition problem?  SSH and SSL works by having a
> >common session key for both directions of the communication, but your
> >idea should work.
> 
> Just as a preface, note that I just downloaded the sources yesterday,  
> so my understanding of Monotone's internals is necessarily weak.   
> Some of what I say may not apply.
> 
> The race condition I'm talking about is one where we end up with two  
> full duplex connections in tandem.  Imagine Alice and Bob decide they  
> want to sync with each other, and happen to initiate their  
> connections at the exact same moment.  If both connections go  
> through, then Monotone is going to have to synchronize those  
> connections somehow, to ensure that multiple commands aren't sent  
> back and forth that cause some kind of corruption.

Isn't monotone designed in such a way that even if there were to be 
simultaneous syncs, the only problem would be that you might receive 
duplicate information, which would be detected as such?  Isn't that the 
whole point of calling it monotone?

--hendrik