On 21 November 2013 02:08, Simon Hirscher <[email protected]> wrote:
> On Wed, Nov 20, 2013 at 3:21 AM, Melvin Carvalho > <[email protected]> wrote: > > > > TLS *as an example* lets you exchange keys, and encrypt messages. Rolled > > out to billions of users and devices. > > What about MITM attacks? What about the fundamentally broken > certificate architecture? The only way I see that both issues > obviously can be solved is to solve the DNS issue right from the start > and use public keys as fundamental identifiers. Now, we're back to > Zooko's Triangle, an issue that GNS probably solves in the most > elegant way. > > On Wed, Nov 20, 2013 at 3:21 AM, Melvin Carvalho > <[email protected]> wrote: > > > > On 20 November 2013 03:05, Simon Hirscher <[email protected]> > wrote: > >> > >> On Wed, Nov 20, 2013 at 2:31 AM, Melvin Carvalho > >> <[email protected]> wrote: > >> > > >> > Why do you say no other project is working on this? How can you even > >> > know > >> > every project out there? > >> > >> Melvin, I obviously can't know every project out there. Let's do a > >> search & replace then: > >> >> Because no one *we (or I) know of* is doing this *successfully*. > > > > These are modular components, which elements do you think are not being > done > > successfully? > > I said those 4 problems are not being addressed successfully *at > once*. And that's really the key to understanding why we can't just > solve these issues by mostly building upon existing technologies – > like TLS and web technologies. Because every project [again: I know > of] is just paying attention to one or, at the maximum, two of those > points and on the other hand makes it damn hard or simply impossible > to solve those other two or three issues at the same time. Yes, some > web applications might enable self-determined storage at first glance. > But, meanwhile, by running server-delivered code (which might not even > come from the server you trust – due to compromised TLS certificates) > in your browser you give up on end2end encryption. So, no, it actually > doesn't allow self-determined storage because there might be someone > else listening. > > In fact, we could boil down the four requirements to just one: > Self-determined storage. This already implies end2end encryption, > perfect forward secrecy as well as social graph obfuscation because > *I* determine who gets to see my data and my messages and my buddy > lists. Now and in the future. > > Hence, to wrap it all up and answer your question in the shortest way > possible: So far, there is absolutely no project that managed to > realize genuinely self-determined storage. > > > Why cant this be done in a modular way with different teams working on > > different pieces and then put together. I agree maybe not all pieces are > > perfect, but we cant some of us work on fixing the bugs working together? > > See above. Also, I don't even know where to start when talking about > fixing TLS and doing web apps in a secure way. Then again, that might > be due to the fact that their design is fundamentally broken with > respect to our wishlist. > > Maybe I'm all wrong – in which case I'd ask you to tell me which > building blocks you would use in our quest to fulfill those 4 > requirements. At the same time, I'd ask you to explain to me why do > you think it's even possible to fix all their "bugs" (I prefer the > term "architectural flaws") all at once. In short: Give me a plan I > can believe in. > > So far, however, all those solutions you proposed in your previous > email – regarding "E2E + Forward secrecy", "Social Graph Transmission" > and "Self Determined Data Storage" – aren't solutions at all. I think > Carlo really has a point here. > I agree with most almost everything you say here. I could spend time going into much more details of the specifics of each modular component, but I suspect it's not going to be that productive at this point. I think maybe a demo would work better, which is something I can work on. It wont be read for this years conf, but maybe next. >From a high level view what I would like to see is 4 modular pieces to these requirements that fit together to create a single solution. When you start saying -- "TLS is out" -- that's great but then you've excluded billions of users and devices. Also "self determined" storage, imho, means that *I* get to choose my security preferences.
