> > The issue is if several freenet nodes operate in a small block of changing > > IP addresses. Its very likely that one node will occupy the IP address of > > a previous node. This would cause the node contacting it to believe that > > its been subverted or at least changed its key. > > No, the node would say "The node I'm trying to connect to (identified by > it's pk) is no longer at this address" and behave just like if the > connection had failed (ie, look up ARK or drop reference). Exactly. My point was you can't necessarily assume that it indicates subversion, because of these blocks of dynips.
> If all connections use PK authentication there is absolutely no need to > get all up and over about the fact that somebody might have been trying to > subvert the connection - since such an attack can't succeed, there is no > need to take any extra precautions. This is just like there is no reason > for a node to get more excited about bad CHK data then a broke connection > - if the attack is as productive as hitting brick wall with your fists > then let mallory has his fun. Perhaps. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20000818/24830fd7/attachment.pgp>
