(Illustration by Gaich Muramatsu)
Hi Greg, Wanted to clarify why XOR is used in Coda. From the beginning it was obvious that XOR wouldn't offer any real security. But it would catch accidental bugs such as not decrypting at the right point in the code. When RPC2 was originally written (circa 1985-86, for AFS-2), there was a whole lot of confusion about legal use of encryption, embedding encryption code in software, export restrictions, adequacy of DES, etc, etc. Our heads hurt just thinking about the mess. We decided to use the completely safe and harmless XOR "for now", get the code structure right, and then replace XOR with a real encryption scheme "later". We expected "later" to be a year or two. As it turns out, "later" didn't come for a long time. All the focus in Coda's evolution was on high availability: replication, disconnected operation, weakly connected operation, etc. But it sounds like "later" is finally here :-) -- SatyaReceived on 2004-02-17 16:28:16