> I think that having the public key (or rather a hash of it - less chars make > node addresses more manageable for initializing nodes and alike) be part of > address is a good idea (it was what I was trying suggest to Hal and Brandon > yesterday) but I'm not sure it constitutes a full PK system. There isn't any > real level of trust in there, but at least you know that it is actually the > node that the other node wanted you to talk to.
We need a lowest level that encrypts the stream between two nodes with keys negotiated when the stream is set up. Then we need a layer which encrypts that key negotiated and assures that you're talking to the node whose address you are trying to connect to. Then we need a layer which assures that the address I have is the address I want. The last layer is the one that I'm not sure how to implement. It seems to me that we might be somehow able to use Freenet to carry this information, although I'm not sure if this would be the most elegant thing to do. Using Freenet for everything is a little too tempting because it would be sexy. But then again it might be good. One idea for retrieving reliable address/key pairs would be to use a SVK. So, for instance, I could insert my node address under "Brandon's node" and then people could retrieve that to see if my node had moved. However, I'm still quite worried about whether cachable data would propagate well. If I have to switch my public key because my old one was stolen, that seems like information I'd really want to change thouroughly without any old data hanging around. _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
