-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/05/2012 01:55 AM, Robert Hailey wrote: > > On 2012/12/04 (Dec), at 8:10 PM, Arne Babenhauserheide wrote: > >> Am Donnerstag, 1. November 2012, 21:30:35 schrieb Matthew >> Toseland: >>> - More work on making darknet easy. >> >> Yes, please! >> >> How about automatic insert of my noderef as CHK, so I can just >> hand a friend an in-freenet-link to connect? > > So you want a sort of... "open invitation"? Whoever finds the chk > can become a darknet peer... unless the operator has put a > count-limitation on it, or since disabled it manually (via an open > invitations list?). > > An interesting idea, and not a bad one either, as it would be a > necessary first step for the welcome-package idea anyway as the > "one_time_token.txt" is effectively a limit-1 open-invitation. > > It seems like it would remove 50% of the handshake process for > those who find it "secure enough" for their purposes, but I think > Matthew said something about it not gelling well with darknet-only > nodes being "undetectable" (that they would have to respond to an > unverified request or something).
Would it be reasonable to have the installer packaged with a seed such that the public key of the node installed with it could be recognized? This seems like it'd mean knowing the private key too, but if someone runs an invitation bundle from someone else, they probably trust them anyway, seeing as how they're connecting via darknet. Hm. Thoughts? > Relatedly, it seems to me that the most likely onboarding use-case > is simply two persons that want to have a secure conversation > between themselves (maybe not even as a darknet peer, as it would > cause a direct IP link between them). Therefore, I would see the > common use-case being the easy fabrication of an (incredibly > specialized) linux boot-usb-stick, that is used when needed to > send/receive queued messages. > > I'm not sure if it would be easier or harder than a zip-invite, as > you'd only have to maintain one OS 'installer' to maintain, but > it'd be more all-inclusive and prone to feature-creep (like > encrypting the entire usb stick). Then again, if the image was > pre-built (e.g. by authoritative freenet servers, or anonymous > freeneteers with a special interest in such), then all the client > app would have to do is inject the invitation (by offset or > overwriting magic content), and probably recompute a CRC (or is > that only for cd/dvd images...). > > Either way, the open-invitations you mentioned would be needed > first. > > -- Robert Hailey -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJQwq/YAAoJECLJP19KqmFu7+8P/jbNIPgvWGd1u/noN14TPWlR 0muN3bgaFsFgssoPtX0YavwWC0xF4VsMbgulSFN6rv4yEHs/n+usXUoOybgKwVu7 /1keh742/aalBbyQ0T5+f3vSZHqs8x0cob4nn5ctX6gs8380056Z9IW90hQ+QgZG WcrzHTvpfPBvOTytgTBYDiBNqU0i6rtUIwNInblc4ehxt/7JkI1qVrFrlDWTX+cq qmhp+TF2bvm9G3VpY7DZZ0aJx2aE9fJ2nt+9ijMsa9k5um93sq3QWsb61VT4od8U /TBUOUKEqh1ddfhuBc9FoqNs6OVzxFoGll5L2e/mmk0gXeUhn83O71B8gAP2XftY HBoXS/PZ1O2JJClc2M+gf/Nx+FLM8WizkJhwrkepXijFVeL/aKBiQlQBWf/WFZWc gpBB2/uX2VAsRQDFUXTVPn2ze34KRxZMU3vQkavef2VSJMka87FLot24FN0UXSqx plOil9rCmKjJUWrTK9UoyVnI2u2ltWlnhiCECO5QBGzituMkrLcmdX+IhqHYF0md V+DFsEn6fyRWH8hB5gqM3VLsabedUM6U/3zU0jt8Ohgrkxk1eLN5S/Uhy7J890Xt xpWRCGgAM5k3aji34kZahJOEoppKDVGU+nHuyGLlS/ERztcbbSSdQlR915youlHs E4XtCtWDdOj6Eqns/kzd =QR9v -----END PGP SIGNATURE----- _______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
