Send Freenet-dev mailing list submissions to
freenet-dev at lists.sourceforge.net
To subscribe or unsubscribe via the web, visit
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
or, via email, send a message with subject or body 'help' to
freenet-dev-request at lists.sourceforge.net
You can reach the person managing the list at
freenet-dev-admin at lists.sourceforge.net
When replying, please edit your Subject line so it is more specific than
"Re: Contents of Freenet-dev digest..."
Today's Topics:
1. Re: Promoting metadata (Daniel Phillips)
2. Re: Should users have control over their own node's
content? (1723)
3. RE: Should users have control over their own node's content? (Benjamin
Coates)
4. Re: KHK authentication (JJ Furman)
5. Re: Suggestion for ease of use.. (Henry Hemming)
6. Re: KHK authentication (Oskar Sandberg)
7. Re: Promoting metadata (Daniel Phillips)
8. Re: Promoting metadata (Scott G. Miller)
9. Re: Suggestion for ease of use.. (Scott G. Miller)
10. Easier install for winfolk (Benjamin Coates)
11. Re: This is NOT SPAM (Travis Bemann)
12. Re: Easier install for winfolk (Travis Bemann)
13. Re: Promoting metadata (Scott G. Miller)
14. Cipher change (Scott G. Miller)
15. Re: Cipher change (Brandon)
16. Re: Suggestion for ease of use.. (Jamie Morken)
--__--__--
Message: 1
From: Daniel Phillips <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Promoting metadata
Date: Mon, 26 Jun 2000 20:44:27 +0200
Reply-To: freenet-dev at lists.sourceforge.net
On Mon, 26 Jun 2000, Scott G. Miller wrote:
>
> > sent that retraces the route back to the metadata and promotes it. This is
> > easily accomplished by including metadata keys with the metadata items
> > returned from a search request.
> >
> > Did I make any invalid assumptions here? If not, this seems to me to be a
> > robust and efficient way of handling metadata promotion.
>
> Yes, there is the assumption that the server can be well behaved. The
> problem with your proposal is that it allows malicious nodes to falsely
> promote metadata, by spamming with these "metadata promote" messages.
OK, this is exactly the same problem you see with ordinary data - a malicious
node can make gratuitous hits on ordinary data as much as it wants. Solve the
problem for ordinary data, and you also solve it for my proposal. Which hasn't
gotten to be a proposal yet, it's more like a "discussion item".
> Honestly I really don't think we need any artificial
> metadata-life-lengthening messages.
> If people continue to need to search
> for an item, then those hits on the metadata will be enough.
Yes, there is some value in promoting metadata just because it was matched by a
search term. But there is far more value in promoting metadata because it was
used to find a data item, and this is what I'm getting at.
Note that your malicious server could do malicious searches if it wanted
to. I think what you really have to do is detect those evil servers and get
them off the net, one way or another. Naturally, it is important to minimize
the damage they can do, but I really don't think it's a problem in this case:
the evil server can do nothing more than cause some items to live longer than
they should.
> What might be a problem is the inverse, metadata may expire *too slowly*
> since it
> will be returned in searches even if the data it points to no longer exists.
That happens normally on the net - it's another problem. This case is helped
quite a lot by the method I suggested: when a data request fails, the metadata
is not promoted and eventually expires. You could go further and demote the
metadata after a search fails, but that really would open up the possibility of
a evil server doing significant damage.
--
Daniel
--__--__--
Message: 2
Date: Mon, 26 Jun 2000 20:53:41 +0200
From: 1723 <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Should users have control over their own node's
content?
Reply-To: freenet-dev at lists.sourceforge.net
Zem schrieb:
>
> 1723 wrote:
>
> > Benjamin Coates schrieb:
> > > And I still think that since anyone can write this program, we ought to.
> > > A
> > > few reasons:
> >
> > the problem is, you can't do anything usefuel with such a program.
> > since you don't know what is stored in your disk, you can only
> > random-delete
> > documents.
>
> You can do something useful with it: delete documents based on their
> size.
file splitting.
>
> --
> zem at zip.com.au F289 2BDB 1DA0 F4C4 DC87 EC36 B2E3 4E75 C853 FD93
> zem.squidly.org "..I'm invisible, I'm invisible, I'm invisible.."
>
> _______________________________________________
> Freenet-dev mailing list
> Freenet-dev at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev
--
Give me the Luxuries, and the Hell with the Necessities!
--__--__--
Message: 3
Date: Mon, 26 Jun 2000 15:45:39 -0400
From: Benjamin Coates <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: RE: [Freenet-dev] Should users have control over their own node's
content?
Reply-To: freenet-dev at lists.sourceforge.net
>From Zem <zem at zip.com.au>
>>1723 wrote:
>>> Benjamin Coates schrieb:
>>> And I still think that since anyone can write this program, we ought to.
A
>>> few reasons:
>> the problem is, you can't do anything usefuel with such a program.
>> since you don't know what is stored in your disk, you can only
>> random-delete
>> documents.
You can't examine a file to find out what is on it, but you can find if you
have a certain key and which file it goes to.
>You can do something useful with it: delete documents based on their
>size.
You can do that now with the rm or del command.
--
Benjamin Coates
--__--__--
Message: 4
Date: Mon, 26 Jun 2000 14:28:56 -0700
From: JJ Furman <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] KHK authentication
Reply-To: freenet-dev at lists.sourceforge.net
hal at finney.org wrote:
> What we want to know is that the routing key wasn't randomly chosen.
> Do that by defining KHK = hash(hash(keystring)). Use the KHK as the
> routing key. Include a field Verifier = hash(keystring) in the data
> message. That's it.
That was what I first came us with, but due to the inability for nodes along the
return path to verify data integrity I discarded it. My next idea was to use a
sequence of verifier keys H(K), H(H(K)), H(H(H(K))) and so on, using the 10'th
hash (or some fixed) as the key index. Within this idea, the doc could be
incrementally verified as the doc travelled to it's destination by the sequence
of
keys by a sequence of nodes. Some variant of this could have worked but it was
dubious and had some big problems to work out. PK is definitely the way to go,
but no solution is immune to a dictionary attack.
Thoughts:
As for "close insert" attacks, it was my feeling that we would fight these by
putting in some non-determinism into selecting the next node (maybe requests
only). Choosing the node with the closest key is a method that should be used
most often. But if that node is determined to have a slow connection, or is
responding with "sorry, doc doesn't exist" suspiciously often then another node
should be chosen, perhaps the next closest node or one "pretty close".
Periodically, a random next node should be chosen, as a sort of mutation, to
strenthen the overall network. As well, the "sorry, doc doesn't exist" response
should be ignored once in a while and the request should be re-transmitted down
a
different path.
Some well thought out heuristic along these lines will be critical to keeping a
healthy network and warding off attacks.
JJ
--__--__--
Message: 5
From: "Henry Hemming" <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Suggestion for ease of use..
Date: Tue, 27 Jun 2000 01:30:51 CEST
Reply-To: freenet-dev at lists.sourceforge.net
>From: "Scott G. Miller" <scgmille at indiana.edu>
> > > Obviously the end user has to find another freenet node *somehow*,
> > and relying on word-of-mouth only sounds awkward..
>Akward but effective, and very simplistically secure. I agree, we need
>another method.
One way to solve this might be to bake in a few different ips for freenet
node in every new minor version. Another might to make a html tag that
represents a freenet nodes ip, and a plugin for explorer/netscape that uses
that tag to establish a new connection to freenet.
--typo
________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
--__--__--
Message: 6
From: Oskar Sandberg <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] KHK authentication
Date: Tue, 27 Jun 2000 02:24:08 +0200
Reply-To: freenet-dev at lists.sourceforge.net
On Mon, 26 Jun 2000, JJ Furman wrote:
<>
> Thoughts:
> As for "close insert" attacks, it was my feeling that we would fight these by
> putting in some non-determinism into selecting the next node (maybe requests
> only). Choosing the node with the closest key is a method that should be used
> most often. But if that node is determined to have a slow connection, or is
> responding with "sorry, doc doesn't exist" suspiciously often then another
> node
> should be chosen, perhaps the next closest node or one "pretty close".
The problem here is what Greg Titus pointed out, namely that this sort of attack
uses the routing of Freenet against itself. What you are proposing as a remedy
here is simply watering down the efficiency of the routing (which may or may
not be a good idea), which will help against this type of attack a little, but
without solving the problem at hand.
> Periodically, a random next node should be chosen, as a sort of mutation, to
> strenthen the overall network. As well, the "sorry, doc doesn't exist"
> response
> should be ignored once in a while and the request should be re-transmitted
> down a
> different path.
>
> Some well thought out heuristic along these lines will be critical to keeping
> a
> healthy network and warding off attacks.
Letting other factors (such as the speed of the connection) effect the routing
has been discussed many times, and if it is possible to do without loosing to
much efficiency it may well be a good idea. We'll have to simulate it to know.
I'm personally very skeptical of any technique that tries to detect broken or
malicious nodes by trying to feel out strange behaviour. This just leads to a
cat and mouse game of trying to design malicious nodes that are just normal
enough to fall under the radar...
>
> JJ
>
>
> _______________________________________________
> Freenet-dev mailing list
> Freenet-dev at lists.sourceforge.net
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev
--
Oskar Sandberg
md98-osa at nada.kth.se
--__--__--
Message: 7
From: Daniel Phillips <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Promoting metadata
Date: Tue, 27 Jun 2000 02:27:59 +0200
Reply-To: freenet-dev at lists.sourceforge.net
On Mon, 26 Jun 2000, Scott G. Miller wrote:
>
> > I didn't miss that, I just didn't note it as an assumption. Though it's an
> > interesting point, It's not really relevant to the discussion. Even when
> > running on the same computer the server is still more trustworthy than the
> > client in the same way that inetd is more trustworthy than <pickyourclient>.
> > There will be fewer variations on servers than clients, so the behavior of
> > the
> > server is much more predictable than the client. Further, it's likely that
> > the
> > clients will be running as normal user programs and thus be more vulnerable
> > to
> > attack. For these reasons anything that looks like routing or policy
> > should
> > run in the server, not the client.
>
> Thats a load of steaming BS. If an attacker wants something done, he can
> engineer any sort of server he wants. Freenet has among its design
> philosophies that no part of the network is trusted. Certainly a server
> isn't any more trusted than a client.
If you recall, we were discussing the case where the server and client reside
on the same machine, so unless you are concerned about the case where a user
wants to attack themselves, your comment is a non sequitur.
The (tangential) question I was addressing above is whether routing policy
should ever be implemented in the client, and I still think that it should not.
Now, this doesn't have a lot to do with promoting metadata, the original topic.
--
Daniel
--__--__--
Message: 8
Date: Mon, 26 Jun 2000 19:36:29 -0500
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Promoting metadata
protocol="application/pgp-signature"; boundary="SLDf9lqlvOQaIe6s"
From: "Scott G. Miller" <[email protected]>
Reply-To: freenet-dev at lists.sourceforge.net
--SLDf9lqlvOQaIe6s
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
> That happens normally on the net - it's another problem. This case is helped
> quite a lot by the method I suggested: when a data request fails, the metadata
> is not promoted and eventually expires. You could go further and demote the
> metadata after a search fails, but that really would open up the possibility
> of
> a evil server doing significant damage.
I agree. Thats the part about your thoughts that I do like. Metadata
really shouldn't be promoted as a result of a search unless thats what the
user selected. However, there are some technical difficulties with making
that the case, both with routing and security.
--SLDf9lqlvOQaIe6s
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5V/cNpXyM95IyRhURAu3mAKCVs2/lDHfjd+jRrksFSJIyvImEuwCfcJJ3
U0XcHtDqOIzycDNQSz55bCI=
=PVz6
-----END PGP SIGNATURE-----
--SLDf9lqlvOQaIe6s--
--__--__--
Message: 9
Date: Mon, 26 Jun 2000 19:37:52 -0500
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Suggestion for ease of use..
protocol="application/pgp-signature"; boundary="IrhDeMKUP4DT/M7F"
From: "Scott G. Miller" <[email protected]>
Reply-To: freenet-dev at lists.sourceforge.net
--IrhDeMKUP4DT/M7F
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
> One way to solve this might be to bake in a few different ips for freenet=
=20
> node in every new minor version. Another might to make a html tag that=20
> represents a freenet nodes ip, and a plugin for explorer/netscape that us=
es=20
> that tag to establish a new connection to freenet.
The former method makes those few nodes very visible and thus very
attackable. The later doesn't really matter. Thats out-of-band discovery
and isn't really any different from word-of-mouth. We're talking about
secure, automatic methods.
--IrhDeMKUP4DT/M7F
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5V/dgpXyM95IyRhURAopyAJ9wlGo75sW9c25er8YywMIVIEyp6gCfWjwZ
/P3aB2ulV0Yxh64+tmkZ1Ko=
=88vF
-----END PGP SIGNATURE-----
--IrhDeMKUP4DT/M7F--
--__--__--
Message: 10
Date: Mon, 26 Jun 2000 22:27:52 -0400
From: Benjamin Coates <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: [Freenet-dev] Easier install for winfolk
Reply-To: freenet-dev at lists.sourceforge.net
Freenet (at least the 0.2 release) seems to work just fine under Microsoft's
unfortunately titled jview VM. AFAIK, jview is already installed on most
windows systems (I believe it comes with IE 4 and 5), in the path, the whole
works. I could write up a few batchfiles that would make running Freenet a
pretty much unzip and doubleclick operation for anyone with jview... Anyone
have a problem with this? I like the irony, personally.
p.s. jview uses a slightly different format for the dates in the logfiles,
it's a better one, IMHO, but it would break any automated log analysis that I
don't think is going on anyway.
--
Benjamin Coates
--__--__--
Message: 11
Date: Mon, 26 Jun 2000 21:50:27 -0400
From: Travis Bemann <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] This is NOT SPAM
protocol="application/pgp-signature"; boundary="yrj/dFKFPuw6o+aM"
Reply-To: freenet-dev at lists.sourceforge.net
--yrj/dFKFPuw6o+aM
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Jun 26, 2000 at 07:20:52PM +0800, Wicked Night wrote:
> Greetings caught an article about your product & was interested in findin=
g a PC version to run on Windows 98, NT4.0 or 2000
> I too believe in the freedom of information & would like to host a server=
for your network...=20
> I am currently located in Southern Cali & will soon be acquiring Cable ac=
cess hopefully before August of this year...
> I've a strong background in Networking Essentials & NT Admin I would furt=
her like to offer any assistance I might be able to provide you... =20
> I have a network of experts on my end with various other areas of experie=
nce including Linux, Web Design, & PC Construction...
> I can also provide translations between English & the following:=20
> Spanish, French, Portuguese, Italian, Arabic & Chinese through the use of=
my various contacts worldwide...
> I look forward to your response...=20
People always dismiss messages with the title 'This is NOT SPAM' as
spam. The reason for this is that so much spam *does* say that it is
not spam.
--=20
Travis Bemann
Sendmail is still screwed up on my box.
My email address is really bemann at execpc.com.
--yrj/dFKFPuw6o+aM
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.9 (GNU/Linux)
Comment: For info see http://www.gnupg.org
owFFlL+PG0UUx+8SISFLRgp0IKQnIeWki20sK0DiyMDlcpwO5S6OziK0s7PPuyPP
zmzmh9euaFMhKkSDlIoOiT+BAhqgpqRBNNDQpKDjO2v7Iq3k9c7b9z7v+75vv+pe
3792Y/n4r5/0Zz98uf/r32Hv7uevymNrApvQn61rHlPgVXi31kKZeyRL4TyHSfR9
4aVS3c4u9oHytfUqKGvGpIxWhl8ezpwwfs6uf2KkzZUpxvQ02sB5v3bKBJFpBHc7
jwydW9OjT6Oh0fs9Gg2HQxKBhh+MR8Pxe6PpOd0a3hkOe/REyQXndKGKMlDjkGrc
7XxIp445IL0nKWI6EoaEC0pqJpHZGGhto6Pa2TzKQDepER6wgR170OCW5soAcNLt
FCRoekxLdh49UbDkgIW7J4iwjae7d3p0Mbs9GJJ1LWoiOEOgpYy14iWnfKFkmgMr
txXZOZ7MratEkimVt1HnpNWCU/7SehCTZ4eiICCEboANh8a6xWAwmIy2ZURFMjoH
dfWatJViy3+JLkt2ho6FVqmE0pq8RbkMGsinUUHxAqdZ0kSijGTvUbvmedTIlTHK
Mh3FIgIHyKFUntYsHMq3tQ/QGTCDs0iUCbkonI2mrX6xAU0VTrwHnBLag+JiRkd5
hYCzbc/z6AJqg/SqfTuHQzCxNQnvlQ/CSEZ81c44wSdixGF6S5VzUgZEdKVIKVqu
rVaJnFc1u+DT0Ko1MRAbFUpaCqdsxOMkFPzBMMEuWjGoUmFlpI7JqvRQmbiC5Tij
B+xVAYPeTM6AuaEBfIRZ7qSB7+A47V9ShmR93Q7co4vQMBs6MYVWvkSe1h5Wa9uk
rdj2clkLg+MefYL5SvxOrQuYB3vu0VnAYAUgjpzIlESO4xLL5lGqxByKss0Z8d/O
k4nQ+a5hiXUUEoJAIJ03wLvi1tYuAPIju0a4PMncGg97UQOcd87rdqZs6+Qc3Yi1
p1z5SsE+FTwkCvYbgRNAUAFhB7NkHlwXj2Z0OT06P8Bwux1fi2pANENcUh/zSVYP
29hQYuchYRVlSSmUDnPL/pC8WG8OFS6kMTa054ME1u+3hPjULJHjPlfCmG7nElOv
hNIprw/tLkjHDXYl1ltfZHaFBOcwSBso8tyljcALYNtsRMr1Ma9Y1nIgbTV49tH1
V/bTl3L36bxx7c9v9p7/8XN9Wv7+zosXh7988dpvj78/fDZ9fe/5f28//Pa7tyb3
/8nfnCxOb3/97603Rv8D
=qccm
-----END PGP SIGNATURE-----
--yrj/dFKFPuw6o+aM--
--__--__--
Message: 12
Date: Mon, 26 Jun 2000 21:57:57 -0400
From: Travis Bemann <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Easier install for winfolk
protocol="application/pgp-signature"; boundary="oLBj+sq0vYjzfsbl"
Reply-To: freenet-dev at lists.sourceforge.net
--oLBj+sq0vYjzfsbl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Jun 26, 2000 at 10:27:52PM -0400, Benjamin Coates wrote:
> Freenet (at least the 0.2 release) seems to work just fine under Microsof=
t's=20
> unfortunately titled jview VM. AFAIK, jview is already installed on most=
=20
> windows systems (I believe it comes with IE 4 and 5), in the path, the wh=
ole=20
> works. I could write up a few batchfiles that would make running Freenet=
a=20
> pretty much unzip and doubleclick operation for anyone with jview... Any=
one=20
> have a problem with this? I like the irony, personally.
>=20
> p.s. jview uses a slightly different format for the dates in the logfiles=
,=20
> it's a better one, IMHO, but it would break any automated log analysis th=
at I=20
> don't think is going on anyway.
This isn't a bad idea. Even though most if not all of the Freenet
developers are Unix/Linux people, there is going to be a flood of
newbies do to that article in Time magazine. Unfortunately, it is
likely that most of these newbies will use Windows 95/98/NT/2K. We
would want to make Freenet quite usable for Windows users or they
might be turned off from using Freenet in the future.
I sort of *dislike* all the publicity that Freenet is getting at this
stage of development because it attracts users before Freenet is
usable for general use by the average ignorant user. It distracts the
focus from pure development to catering to users immediately.
Unfortunately, many potential users are going to try to use Freenet
now, and if we turn off those users, they are potential users lost and
therefore acceptance lost.
--=20
Travis Bemann
Sendmail is still screwed up on my box.
My email address is really bemann at execpc.com.
--oLBj+sq0vYjzfsbl
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.9 (GNU/Linux)
Comment: For info see http://www.gnupg.org
owFdVT2P3EQYziWiseQiLWleIVA+tLu3rHIk2ejyfRFLOALiktDO2q93J2fPODPj
8znwA6giWgRI1BSIjopAQUfFP6AIBVQ00CHxvLPe5Eh1e/brx8/XO/4sPbFx/OTB
B7//XN7/7snGL3+GY5c+Sl6/aU1gE4Z7Xc1TCnwYNutSaXOZsqVynsN244fKZ1qn
yXr2lva19Tpoa6akTakNv7i555TxBbvhjslsrs1iSo8aGzgf1k6boOYlhtPkrqFd
awb0TmNo8taAJuPxmFSgN8fTyYXp1uT9XRqOz4/HA7rB5qGqtKGbVgX21DqgTdPk
Ct12zIYDncFzJSsfKCyZxqMJOZb/+Sx55spTsNRat08PG8wUoEuNydnRrs6c9bbY
TpNw2m9PxoLamMK60Bi8rOwo6FByTg8PNLd0f3dEdP329dmdQX9Fe1KlY5V3MMIH
VcqwNVRZH4DaQ7ba5Lb15DsfhM+ZGc251HzApANlthJZOixptkPnSZmcts4OABj1
1CosB/FXuwSkLXmNCkkehGZAaMocxugAZTUpKkBtrkK2LHQJ7LCEQ20cqtQ+k2uM
QTJrA4FKqgetHYfQUdVkSzjxWNeRTm4b5JaVOtsnW7NTkj3BJ9ztLPyM7KMlo5F4
ZDqhatZUlwpSFcAtYKrVdFhqf1XYlxqURJ921nQDAr63BlZ2Izy75jWC1JXnjYck
Rb7Ui2VARLku0Dd0TwhVKv6JeHnsS29jaRfRDPAa9JgaoQNoDsUoA9gOaLb79t0B
zZsgwawcmyPefdFJqgkW+EgYYLiiys5rcReYeO2sh82tOS1V1GZf+rGwYjXsAkSr
RFOa7EE77skc3q9y0jkr+LZzwMLWNotlrBDpgozFUFmSLaKOPrM0yVGfUsKABsd0
z+jDzXe1aQ5hoK1Ljp3BjecUsAVzSaEorUVJ/yjSxHA71/Aot3I31kS5oLOSxbY9
XTEKs1CPsTJgd+/oZgzEIe3TROKTRZGHI+cVUc+0Rm816CM1etDvwaWtzUsXN9/b
25zcAewDHAgrq1uFEEEklnS93Y+aWGsvJ0eMdo0CRGhfZd2lSSV1EIWhcUa2sCio
cLbC3JGur+tQNBjjGMaMPGQJ7XO59iLnXDQ8Lh96rzMden3PQeApWiO4KkYNH7D9
CxaUPphKGjnnTIlyeKVCcCoLa95zhhY+gpgmRzQucNGplWvzLlLBCjl5g14Y68Qo
wZH1D9gA32NjME0KmzV+pb2GyP8RgrsZ8sNRvPgphr5io6uKcx2DhScvBV1J+Wsr
x7teceo797xXwXU91ot+GtsO4uGBDrerVGImqLfnFUisaBehXoYvpUl4GieztDh6
pbKM66BMxvF2DG84jFuHr84BQrnB4GrS5EM2eaV0KUH5IPXzmeMWrcDxKMdzR3N7
CIDdjjgOqjx37GUp8fGQswcBCdY1PuSszkY4pEefXj3xyoZ8NNdf0ZPHT/5z7Otn
P565+GR0a/u1L379+/M3nm1/+X166thXpy5sXnl1+u25b57+9sPOx0+3r33y17//
AQ==
=6Czb
-----END PGP SIGNATURE-----
--oLBj+sq0vYjzfsbl--
--__--__--
Message: 13
Date: Mon, 26 Jun 2000 22:16:32 -0500
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Promoting metadata
protocol="application/pgp-signature"; boundary="9jxsPFA5p3P2qPhR"
From: "Scott G. Miller" <[email protected]>
Reply-To: freenet-dev at lists.sourceforge.net
--9jxsPFA5p3P2qPhR
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
> >
> > Thats a load of steaming BS. If an attacker wants something done, he c=
an
> > engineer any sort of server he wants. Freenet has among its design
> > philosophies that no part of the network is trusted. Certainly a server
> > isn't any more trusted than a client.
>=20
> If you recall, we were discussing the case where the server and client re=
side
> on the same machine, so unless you are concerned about the case where a u=
ser
> wants to attack themselves, your comment is a non sequitur.
Yes, we are discussing that, and no, it is relevant. We are talking about
that user being the attacker. =20
> The (tangential) question I was addressing above is whether routing policy
> should ever be implemented in the client, and I still think that it shoul=
d not.
Of course. But the client is a node. Its a specialized one, but it still
speaks the freenet protocol. =20
> Now, this doesn't have a lot to do with promoting metadata, the original =
topic.
No, but it does have a lot to do with shooting down ideas that have
inherent security flaws. Nothing personal, just business.
--9jxsPFA5p3P2qPhR
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5WByQpXyM95IyRhURAq41AKCJ6LpTxWd8aLX71SmGbKSP0okWjgCfYW3h
Ds4IaxmB7ECXWA2aIZKwJ5g=
=hMEA
-----END PGP SIGNATURE-----
--9jxsPFA5p3P2qPhR--
--__--__--
Message: 14
Date: Mon, 26 Jun 2000 22:37:32 -0500
To: freenet-dev at lists.sourceforge.net
protocol="application/pgp-signature"; boundary="EVF5PPMfhYS0aIcm"
From: "Scott G. Miller" <[email protected]>
Subject: [Freenet-dev] Cipher change
Reply-To: freenet-dev at lists.sourceforge.net
--EVF5PPMfhYS0aIcm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
I'd like to switch the default cipher in the devel server to
Rijndael. Honestly, this is purely for efficiency reasons. Twofish and
Rijndael perform very well... when implemented in C or assembly. However,
Twofish has a large table it does very frequent lookups on. While this
table should fit into the processor cache, for some reason the java memory
access characteristics are negating this. For this reason, Rijndael is
outperforming Twofish by a factor of 2.6. =20
Since we aren't really nailing this down yet anyway (due to NIST not
being done selecting an algorithm), and because I trust both ciphers, I'd
like to go ahead and move to Rijndael so we can coax some extra speed on
transfers.
Scott
--EVF5PPMfhYS0aIcm
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5WCF8pXyM95IyRhURAqyFAKDGfTetGMjMrUnNT2KSQTeJdPm61gCfUjnZ
IauZFKLiu+c/zgPWzOpEdvw=
=znLR
-----END PGP SIGNATURE-----
--EVF5PPMfhYS0aIcm--
--__--__--
Message: 15
Date: Mon, 26 Jun 2000 23:12:12 -0500 (CDT)
From: Brandon <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Cipher change
Reply-To: freenet-dev at lists.sourceforge.net
> I'd like to switch the default cipher in the devel server to
> Rijndael.
I'm all for it.
--__--__--
Message: 16
Date: Mon, 26 Jun 2000 22:16:35 -0700
From: Jamie Morken <[email protected]>
To: freenet-dev at lists.sourceforge.net
Subject: Re: [Freenet-dev] Suggestion for ease of use..
Reply-To: freenet-dev at lists.sourceforge.net
Hi all,
Here is my suggestion for node discovery to get rid of inform.php3. The
freenet program will be uploaded onto
freenet and then when someone wants to download it they go to a website
running a freenet client that makes a request
to download freenet at the same time recording the IP of the machine
that it is downloading freenet from. This IP is
put into an *.ini file and sent with the freenet software to the person
doing the download.
So it would look something like this. To put this into freenet a php
script would have to be used on the website to interface with freenet.
newfreenetuser <-> website running freenet client <-> freenet
cheers,
Jamie
--__--__--
_______________________________________________
Freenet-dev mailing list
Freenet-dev at lists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
End of Freenet-dev Digest
