[Duplicity-talk] Re: Duplicity Backup: some unsorted questions

[Kenneth Loafman]

Philipp wrote:
> Hello Kenneth, hello duplicity hackers,
> 
> [I'm not subscribed, please CC]

Will do.

> I just discovered duplicity a few days ago and started to play around
> with and read up on it today. I read through your website, and the "New
> file format?" section caught my interest. Now I'm left with a few
> questions:
> 
> 1) I read through the description three times, and still am left with
> the feeling that the two levels of blocking are overly complicated.
> Probably that's because I didn't quite understand it. :-)
> Does one inner block map to exactly one outer block ? more ? less ?
> Could you elaborate a bit what you hope to gain by this extra indirection ?
> What information about the file structure would you leak if just every
> outer block is encrypted on its own ?
> (I'm thinking every outer block could contain a single binary OpenPGP
> block)
> 
> I am well aware of the advantages of a disconnected metadata / index
> table for seeking purposes.
>
> 2) Am I right in the assumption that the plan is to keep a copy of the
> rdiffdir signatures within the archive on the server ?

The new file format was never implemented.  I'm thinking strongly of
working on a dar-compatible directory format so that it will have more
efficient searching, but have not started any work on it.  The dar code
base seems to be fairly coherent and solid.

> 3) Have you considered working together with the dar(1) author, Denis
> Corbin, to extend the dar format appropriately ?
> It already supports random access to compressed archives, as well as
> split archives (called "slices" there).

I've considered wrapping the dar library with Python and using it as the
frontend for duplicity after adding in rdiff incremental functionality.
 That would give us a backup that had the best of both worlds, speed of
backup from dar (it is much faster), multiple backends, and multiple
forms of encryption.

> dar as a nice unixy tool has the makings of a tar replacement.
> I don't know the format internals very much, but it seems to be a rough
> match for duplicity's needs.
> It would certainly be nice if there were _one_ standard next-gen archive
> format, not many.

I have to agree, with the additon of rdiff and gpg functionality, dar
would be an excellent frontend.

> Wow, looking at the dar page again, I see that dar even supports
> symmetric blowfish encryption with a passphrase now.
> That doesn't mean adding asymmetric encryption and rdiff'ed incremental
> backups (dar has full-file incremental backups) to the format will be
> trivial, but it seems worthwhile for me.

It needs to support GPG style encryption with multiple choices of
algorithms and signing.  I think we could add that.

> 4) The Acknowledgement page mentions "Mikael moshir for sending his
> interesting paper on encrypted backup with the rsync algorithm". Could
> you send me a copy of that paper ?

I don't have it.  That went to the original author Ben Escoto.

> OK, so much for my duplicity questions / wish-list.

Not a bad set of questions.  I hope I helped.

...Ken

signature.asc
Description: OpenPGP digital signature