Signed Subspace Key (Freenet)

Signed Subspace Key is used on Freenet to link to a file that is distributed via a public/private keypair. As with any asynchronous signing protocol private key must remain hidden, or it would be possible to spam the particular with extra data.

The single SSK cannot be updated, but because the private keyholder controls the whole key area it is possible to setup predictable patterns for future data. In Freenet 0.5 and 0.6 SSK were almost exclusive way to publish sites with other ways being used for esoteric reasons only. The same is the case in Freenet 0.7 (current version).

The key consists of:
 * String "SSK@" in the beginning of the key
 * The hash of the public key (also used for routing)
 * Symbol ','
 * The second, symmetric key, used for encryption/decryption of the data
 * Symbol ','
 * String describing the encryption method
 * Symbol '/'
 * Name of the data
 * Symbol '/'
 * Name of the file

It is possible to structure the request without the need for the last two parts, where the default file will be received. That method is commonly used for sites. The name of the data, when used for sites, will often end with the symbol '-' and a number, allowing the formation of USK.

When inserting the data, the hash of the public key is replaced with the public key. Therefore only a person with that key can do inserts. Other people can heal the data using BLOBS, but cannot release any altered data in that key.

External link
https://wiki.freenetproject.org/Signed_Subspace_Key