On Thu, Aug 17, 2000 at 12:07:59PM +1000, Zem wrote: > "Scott G. Miller" wrote: <> > Fair point. This only needs to be done occasionally though, when a > previously known IP address breaks or a reference to an unknown node is > found. > > Weigh this against the alternative: those with a dynamic IP address > must run a transient node, which does not offer plausible deniability > for the operator.
It is possible that some sort of internal address lookup could be used to allow nodes to try to recover links to which it can no longer connect (obviously such a lookup cannot happen at route time). It is not really a protocol design issue, but rather something that node implementations can do by convention. The only thing we would have to make sure is that the node address fingerprints are done so that they can reasonably translated into a SVK or CHK (it could possibly work even with SSKs, since you can make the document name the number and then bump it once every time a new ip is issued), which may be a fair provision > Fingerprint addressing would not be incompatible with the existing > addressing scheme. The paranoid could use fingerprint addresses at the > expense of performance; others could stick with the current addressing > scheme. The problem is that the security of the current model is not good enough - in reality it is little better then no encryption at all. I do not want the network using it a second longer then necessary. Having nodes make choices is really not good enough. If a large part of the network is not secure that still effects the part that is because it makes everything from traffic analysis to data corruption attacks a lot easier. Also, Freenet's topology will suffer very soon if we start having disjoint sets of nodes that cannot connect to one another. > > Besides, you have to have an IP<->fingerprint link > > to prevent man in the middle. Address or public key alone won't do it. > > Seems to me that a fingerprint should suffice. Can you elaborate? What > am I missing? Yeah, I think Scott is mistaking here. > -- > zem at zip.com.au F289 2BDB 1DA0 F4C4 DC87 EC36 B2E3 4E75 C853 FD93 > zem.squidly.org "..I'm invisible, I'm invisible, I'm invisible.." > > _______________________________________________ > Freenet-dev mailing list > Freenet-dev at lists.sourceforge.net > http://lists.sourceforge.net/mailman/listinfo/freenet-dev > -- \oskar _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
