>>>>> "OS" == Oskar Sandberg <[EMAIL PROTECTED]> writes:
OS> However, in regard to practical viability of the suggestion in
OS> question, I side completely with Ian and Scott's
OS> objections. [...] I have not seen one hint of an actual
OS> refutation of this in the arguments given, and I'm afraid that
OS> the burden of proof falls on Brandon and Mr. Bad here - there
OS> are several bases for simulators out there (Serapis, that
OS> which Theo wrote for his analysis, and little birds whisper
OS> tails of ones greater still), so there is nothing stopping you
OS> from proving that artificial separation of nodes does not
OS> disturb the (at least somewhat) natural order of the network.
Well, I don't think anyone is suggesting that implementing clusters
and/or "Don't Talk to Strangers" for nodes is going to leave NO trace
on the network. 100% fully-connected networks (every node is aware of
every other node) are going to be the fastest, and we just can't match
that with clusters or protected nodes, ever.
I guess I'd want to know how much we're willing to trade off in
performance and flexibility of the network for some modicum of
security -- however small -- for the node operator. Is node operator
security such a non-goal, and performance so overarchingly important,
that NO COMPROMISE WHATSOEVER will be allowed? It doesn't seem worth
doing a simulation if that's the case.
However, what if we can show that protecting nodes and providing
clustering will give (say) 40-60% of the response speed of an
unclustered, path-folding network, without loss of data? Would that be
sufficient to implement? What's the magic number?
OS> With 0.4 we had already planned to close nodes off to anyone
OS> who does not know the public key, which will make it
OS> considerably more difficult to scan targeted individuals and
OS> computers and attempt to entrap them.
Is the public key given out automatically? Or can I only give out
public keys to node operators I trust?
I guess I slightly mistrust defenses based on "it will be too
expensive for Them to dot dot dot." Like, "It will be too expensive
for Them to find everyone's IP address and then find everyone's
pubkey." If this can be automated, it doesn't seem like it's that much
of a challenge.
~Mr. Bad
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/\____/\ Mr. Bad <[EMAIL PROTECTED]>
\ / Pigdog Journal | http://pigdog.org/ | *Stay*Real*Bad*
| (X \x)
( ((**) "If it's not bad, don't do it.
\ <vvv> If it's not crazy, don't say it." - Ben Franklin
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
