Confirmed users
358
edits
Identity/AttachedServices/StorageServerProtocol: Difference between revisions
Identity/AttachedServices/StorageServerProtocol (view source)
Revision as of 03:22, 16 May 2013
, 16 May 2013→Delta-Sync Data Model
| Line 5: | Line 5: | ||
== Delta-Sync Data Model == | == Delta-Sync Data Model == | ||
The storage server hosts a number of independent named '''collections''' for each user. Each collection is a key-value store whose contents can be atomically modified by the client | The storage server hosts a number of independent named '''collections''' for each user. Each collection is a key-value store whose contents can be atomically modified by the client. | ||
Each modification of a collection creates a new '''version''' with corresponding version identifier, which is a signed hash of the contents of the collection at that version. Version identifiers are of the form <seqnum>:<contents-hash>:<mac> and are provided by the client during write. The server ensures that the version sequences numbers of monotonically increasing. | |||
Each collection has a '''keyid''' which identifies the encryption key used on its contents. This is of the form <seqnum>:<bytes> is would typically be derived from the master encryption key using HKDF. The server ensures that keyid updates are given monotonically increasing sequence numbers, so that out-of-date clients can't accidentally roll back a key to a previous version. | |||
Each collection has also have a '''details''' field, a JSON blob that the client can use to store arbitrary metadata on the collection. If not set by the client, it defaults to null. | |||
More details at [[Identity/CryptoIdeas/04-Delta-Sync]]. | More details at [[Identity/CryptoIdeas/04-Delta-Sync]]. | ||