Interesting. KSKs aren't *that* insecure: - They _can_ be spammed. - They _can_ be decrypted from the store (with a dictionary attack). - They _can_ be faked (with a dictionary attack). - However, an existing KSK takes precedence when requesting or inserting, and when a new one tries to overwrite the old one, the old one propagates.
The only really fatal problem here is that they are spammable. Of course, so is classic DNS, as we have discovered. :( If you want something which isn't spammable, then indeed you need central repositories. One way to do this is just like DNS - have several *named* master registries: http://bob.cofe/ (look bob up on cofe) http://joe.freehoo/ (look joe up on freehoo) You might have a unifying search which checks multiple repositories in order, but generally that sort of ambiguity is dangerous. Obviously we need a consensus mapping of names to repositories; you've already covered that, it's something that needs to be manually maintained. The bottom line is that the best security comes from using SSKs and CHKs. However, KSKs have their uses, and such a scheme may also have its uses. But I recommend the multiple-named-repos approach, for obvious security reasons. On Fri, Jun 16, 2006 at 12:02:41AM +1200, David McNab wrote: > Hi > > I've been thinking about ways to get human-friendly, yet secure, URIs > under freenet. > > (KSKs are nice, just a shame they're so easily subverted). > > My thoughts so far are: > > 1) Users would trust one or more 'namesites'. For instance, if I have > confidence in Alice's 'namesite', I would stick in my ~/.freenames file > an entry: > > alice freenet:[EMAIL PROTECTED]/alice/0 > > 2) If I want to browse a freesite, with the human-friendly URL of > http://falun-gong.free, my client would look in ~/.freenames, see the > entry for 'alice', then try alice's uri for 'falun-gong'. > > 3) If the 'alice' namesite has an entry for 'falun-gong', then the URI: > > [EMAIL PROTECTED]/alice/0/falun-gong > > should return the physical URI of the 'falun-gong' site I'm looking for, > which might be: > > [EMAIL PROTECTED]/falun-gong/0 > > 4) Alice might trust other namesites, so her namesite would have > a file '[EMAIL PROTECTED]/alice/0/.forward > > which lists URIs for other namesites which Alice considers trustworthy. > So if Alice didn't have an entry for 'falun-gong', maybe one of the > namesites listed in her .forward file might. > > So, how would this get used in practice? > > One way I've thought of is to implement a basic name server for local > use only. This name server would have a very simple socket interface, > supporting commands like 'lookup' (look up a name), 'list' (list the > trusted namesites), 'add' (add a namesite), 'remove' (remove a namesite). > > Then the last step is to write an http proxy over the top of fproxy > which simply follows the above method to translate human-readable URIs > such as 'http://falun-gong.free' to > 'http://127.0.0.1:8888/[EMAIL PROTECTED]/falun-gong/0/index.html' > > As for the service side, running a namesite would be very easy. It would > just be a freesite where the mapping from (say) foo.free is implemented > as a relative path /foo, which contains just the real freenet URI > '[EMAIL PROTECTED]/foo/0'. > > An alternative, which would reduce the number of files on the freesite, > would be to list everything in one file, maybe '/.bulk'. > > But before I launch into something like this, the question to ask is > whether others might see value in having human-readable yet secure and > (relatively) trustworthy URIs. > > For me, I would see value, because I'm getting a bit tired of the > current URIs being so long that I can't see the file extension in my > browser address or status bars. > > Anyway, your thoughts? > > -- > Kind regards > David > > _______________________________________________ > chat mailing list > chat@freenetproject.org > Archived: http://news.gmane.org/gmane.network.freenet.general > Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat > Or mailto:[EMAIL PROTECTED] > -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ chat mailing list chat@freenetproject.org Archived: http://news.gmane.org/gmane.network.freenet.general Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/chat Or mailto:[EMAIL PROTECTED]
