On Fri, Mar 28, 2003 at 11:08:23PM -0800, Ian Clarke wrote: > > Certainly. However there is the key compromize issue, and until we have > > resolved this (by implementing revocable SSKs), we are not going to do > > anything approaching a project freesite or anything else that requires a > > project SSK. > > I would perhaps point out that my original SSK proposal would have made > this much easier. It actually defined a language which could be used to > specify what was entitled to insert into a subspace. The simplest > version of this would be "anything that is signed by public key X" which > would be the same as today's SSKs. Of course, much more sophisticated > criteria could be defined such as "must be signed by a public key that > has itself been signed by X" or "must be signed by two of public keys X, > Y, or Z" etc.
Unfortunately even that would be insufficient. Revocable SSKs in practice means that when entering the site, you get something looking like a splitfile form that checks at HTL 25 for DNFs on each of the possible revocation keys. REVOCABLE, as opposed to multiply-signed. Multiply-signed is impracticable. > > Unfortunately, as usual, few recognised the true genius of my proposal > at the time dismissing it as over-complicated, Vincent Van Gogh - I > know how you felt ;-) > > Ian. > > -- > Ian Clarke ian at locut.us > Coordinator, The Freenet Project http://freenetproject.org/ > Founder, Locutus http://locut.us/ > Personal Homepage http://locut.us/ian/ -- Matthew Toseland toad at amphibian.dyndns.org/amphibian at users.sourceforge.net Full time freenet hacker. http://freenetproject.org/ Freenet Distribution Node (temporary) at ICTHUS. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20030329/18b9b7f1/attachment.pgp>
