"Scott G. Miller" wrote: > > Weigh this against the alternative: those with a dynamic IP address > > must run a transient node, which does not offer plausible deniability > > for the operator. > How so? Running a transient node is just as secure as running a real > node, if not more so since you dont store any data.
As someone pointed out on the freenet-tech list, if there is a way of determining whether or not a node is transient, any requests which come from that node must have been originated by the operator. For example: feds run a node and log the IP addresses of any nodes requesting known "illegal" keys. grep for any that belong to obvious dialup IP blocks at major ISPs. Since dialup freenet nodes must be transient, those requests must have come from the user. Search warrant, bust, repeat. > No. The current scheme wouldn't know how to handle the new > addresses. Having the option to strip the fingerprints would allow a > 'creeping' security hole in that parts of the network would become > lax. Fingerprint addressing would probably not be a performance problem > either. Good point. > Every node in Freenet is untrusted. The only trust issues come in when > you have been speaking to a node for a long time and suddenly it appears > that its a different person (doesnt authenticate). To do that, you have > to have some concept as to what you expect the fingerprint to be, > otherwise you just have a whole shitload of meaningless public keys. > > You must have an Address->Key link so that you can say "I expect Address > to have this key", at which point you can verify something. Any use of public keys implies a web of trust, no? So node Alice has been speaking to node Bob for a long time, and has added Bob to the list of "trusted hosts" (or whatever). One day Bob shows up with the same key but a different IP address. Alice should be able to conclude that this is the same Bob, and should therefore be accorded the same trust rating (whatever that is). Why should any of this be tied to the physical IP address? -- zem at zip.com.au F289 2BDB 1DA0 F4C4 DC87 EC36 B2E3 4E75 C853 FD93 zem.squidly.org "..I'm invisible, I'm invisible, I'm invisible.." _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
