On Sunday 09 November 2003 09:22 am, Martin Stone Davis wrote:
> Martin Stone Davis wrote:
>
> <snip>
>
> > My solution:
> > ------------
> > My solution is analogous to a doctor's office: each node (acting as
> > doctor) keeps a schedule of "appointments" for other nodes (patients),
> > letting them know when they can send queries.
> >
> > Any queries a node sends outside of a scheduled appointment should be
> > answered with a highly reduced priority (many will QR here).  Also, any
> > such queries should contribute to the doctor "getting mad" and
> > tightening up when the patient tries to schedule another appointment.
> > The doc has to penalize the patient enough to make the patient's best
> > strategy to stick to the appointments.  To a lesser degree, the doctor
> > should also penalize the patient if he fails to show up for an
> > appointment.  The patient then has an incentive to keep appointments and
> > to not show up unannounced.
> >
> > The result would be a much greater proportion of QA:s and a decrease in
> > the number of queries made.  Going back to the hypothetical, a
> > requesting node would want to make 1000 queries in a minute, but might
> > only find, say, two nodes in that minute willing to accept up to 5
> > queries each from him.  The requesting node would then route 10 queries
> > to those nodes, and drop the 990 others (doing so *as if* all nodes in
> > the RT had sent QR).
>
> Unfortunately, as Toad has pointed out in IRC, a per-node based
> punishment system (I believe it's called "negative trust") won't work
> since "identity is free": an operator can always create new nodes,
> gaining an unfair advantage over operators who stick to their one node.
>   Unless we can somehow make identity less free (see below), I'll have
> to say my punishment system is junk.
>
> So can we make identity (at least in regard to punishment) a little less
> free?  Ian had pointed out that when the operator creates new nodes, he
> still has the same IP address.  So, we could punish the entire IP
> address, rather than the one node.  This would be too bad for nodes on
> dialup accounts and in internet cafes, but seems to solve the problem.
>
> However, Toad has claimed that *even getting new IP addresses is an easy
> matter* for a greedy operator.  How many new IP addresses are we talking
> about here?  If the average per day over, say, a month is very low, then
> we can probably tolerate it, as he won't be able to create nodes fast
> enough to give him a great edge.
>
> So, can negative trust work?

Why even bother? Think about it like this. Suppose each node is limited to a 
certain number of connections or a certain amount of bandwidth or a certain 
number of queries by each node they connect to. There is ZERO incentive to try 
to modify Freenet to make multiple identities to get around this. WHY? 
Because those nodes that you are connecting to are still limited in those 
same resources, so to a limited extent your different identities are 
competing with each other. It would be better from a greedy client's 
perspective to simply connect to more nodes! It is VERY EASY to connect to 
more nodes, and as far as the network is concerned, that is legitimate. So 
what are we trying to thwart here? A REALLY crappy denial of service attack? 
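
The appointment scheme and the "identity is free" objection from the quoted messages, as a small Python model added here (not part of the thread and not Freenet code). The slot count, penalty size, node names and the documentation IP address are assumptions, and the lesser penalty for missed appointments is left out.

```python
from collections import defaultdict

class Doctor:
    """One node's appointment book (constructed model, hypothetical names)."""
    def __init__(self, key_by, base_slots=5, penalty_per_walkin=1):
        self.key_by = key_by            # "node" or "ip": what the penalty sticks to
        self.base_slots = base_slots    # queries per appointment with a clean record
        self.penalty_per_walkin = penalty_per_walkin
        self.anger = defaultdict(int)   # accumulated penalty per key
        self.booked = defaultdict(int)  # scheduled queries left, per node id

    def _key(self, node_id, ip):
        return node_id if self.key_by == "node" else ip

    def schedule(self, node_id, ip):
        """Grant an appointment; the grant shrinks as penalties accumulate."""
        slots = max(0, self.base_slots - self.anger[self._key(node_id, ip)])
        self.booked[node_id] = slots
        return slots

    def query(self, node_id, ip):
        """Return 'normal' inside an appointment, 'reduced' for a walk-in."""
        if self.booked[node_id] > 0:
            self.booked[node_id] -= 1
            return "normal"
        self.anger[self._key(node_id, ip)] += self.penalty_per_walkin
        return "reduced"


def grants_over_rounds(key_by, rounds=4, walkins=3, rotate_identity=False):
    """Slots granted per round to one operator who uses every slot, then walks in."""
    doc = Doctor(key_by)
    ip = "192.0.2.10"                   # constructed sample address
    grants = []
    for r in range(rounds):
        node_id = f"node-{r}" if rotate_identity else "node-0"
        slots = doc.schedule(node_id, ip)
        grants.append(slots)
        for _ in range(slots + walkins):
            doc.query(node_id, ip)
    return grants


if __name__ == "__main__":
    print("per-node penalty, one identity:   ", grants_over_rounds("node"))
    print("per-node penalty, new id per round:", grants_over_rounds("node", rotate_identity=True))
    print("per-IP penalty, new id per round:  ", grants_over_rounds("ip", rotate_identity=True))
```

With the penalty keyed by IP, any other node behind the same address inherits the reduced grant, which is the dial-up and internet cafe cost raised in the thread.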
