Charles Duffy

This isn't my ticket originally, but my own use case is locking files on a NFS store multiple systems are accessing via gocryptfs.

> Have anyone tried desync with cloudfront and that too with presigned urls ? OR to rephrase my question what is the recommended way to access caync chunks over S3,...

.caibx files are pretty small (relative to whatever your system image size is) -- that makes them pretty straightforward to poll for updates (over whatever transport you choose) and compare...

With respect to naming convention, my own preference would be to support having a key identifier in the name for encrypted chunks. Whether that's a few bytes out of a...

I'd be tempted to consider GCM-CTR with the IV deriving from the chunk's identifier.

The goal was to eliminate potential for collisions while getting the advantage of GCM-CTR's integrity protection -- and the collision protection inherent given the nature of chunk identifiers. It would...

I get what you're saying now. I don't agree that the divergence you discuss is inevitable -- as mentioned, tar *can* be made stable -- but it's certainly some work...

On analysis, it looks like the only change needed to fix this support is copying the feature flags from the .catar into the generated .caidx. Since the catar header includes...

For anyone curious, the PR fixing the parallel issue in desync is folbricht/desync#56

From the source, `--store=` is considered writable; all `--extra-store=` sources are read-only. So if this support were to be implemented, I'd expect you'd want `--store=` to point at the local...