guidance on size and mtime fields

CHANGELOG

@@ -1,8 +1,8 @@
-git-annex (8.20200720.1) UNRELEASED; urgency=medium
+git-annex (8.20200720.1) upstream; urgency=medium
 
   * Fix a bug in find --batch in the previous version.
 
- -- Joey Hess <id@joeyh.name>  Mon, 20 Jul 2020 19:37:40 -0400
+ -- Joey Hess <id@joeyh.name>  Mon, 20 Jul 2020 19:39:11 -0400
 
 git-annex (8.20200720) upstream; urgency=medium
 

doc/design/external_backend_protocol.mdwn

@@ -131,7 +131,8 @@ These messages can be sent at any time by either git-annex or the program.
 
 ## considerations for generating keys
 
-See [[internals/key_format]] for how to format a key.
+See [[internals/key_format]] for how to format a key and details about the
+parts of a key.
 
 The backend name should match the name of the program, eg if the program
 is git-annex-backend-XFOO, it should generate a key starting with "XFOO-".
@@ -159,6 +160,15 @@ in the key name, where users are unlikely to notice it. While git has
 several things that make sha1 collision attacks difficult, we don't want
 this chink in the armor.
 
+It's almost always a good idea to include the size field when generating a
+key. The size does not need to be checked when verifying content, as
+git-annex handles that for you. The only time it would make sense to omit
+the size field is if the content of a key is not stable and might have
+different sizes (like some URL keys do).
+
+There's generally no reason to include the mtime field, and it should
+never be verified when verifying content.
+
 ## program names must be unique
 
 It's important that two different programs don't use the same name, because

doc/design/external_backend_protocol/git-annex-backend-XFOO

@@ -33,8 +33,9 @@ while read line; do
 		GENKEY)
 			contentfile="$2"
 			hash=$(hashfile "$contentfile")
+			sz=$(wc -c "$contentfile" | cut -d ' ' -f 1)
 			if [ -n "$hash" ]; then
-				echo "GENKEY-SUCCESS" "XFOO--$hash"
+				echo "GENKEY-SUCCESS" "XFOO-s$sz--$hash"
 			else
 				echo "GENKEY-FAILURE" "md5sum failed"
 			fi