Closed rullzer closed 7 years ago
schiessle
commented
7 years ago How do the server to which the data get synced verify if the data is correct? Maybe we should store the complete json from the initial upload (including the signature) and exchange this on replication. This way the receiving server can first verify the signature and make sure that the sending server doesn't send any manipulated data.
rullzer
commented
7 years ago @schiessle this was how it was implemented. Basically you have to have a trust relation between the original server and the replicating one.
schiessle
commented
7 years ago yes, but this was a really early stage. Back than we considered having only a few "trustworthy" servers. Back then we also didn't had a signature. Today we have the signature and we don't want to expect that we can trust each server. So I would prefer if a server could verify the signature instead of accepting blindly every data you send over.
rullzer
commented
7 years ago @schiessle well sure. But that would require a lot of changes beyond the scope of this PR.
Feel free to take over
When we moved to the modular db layout replication was working suboptimal.