On Thu, Dec 28, 2000 at 06:09:11PM -0800, Mr.Bad wrote:
> >>>>> "IC" == Ian Clarke <[EMAIL PROTECTED]> writes:
>
> IC> So I was sitting in the bath this-morning and I think I may
> IC> have the beginnings of an idea about how to address this issue
>
> Isn't that how all the best ideas get done? B-)
>
> IC> Let's say, on the introduction of public/private key
> IC> inter-node comms, a node address looks like
> IC> ptcp/x.x.x.x:yy/PUBKEYPUBKEY
>
> As an aside -- is there someplace I can find the proposal for pk in
> Freenet? Or is it one more of those hivemind designs that Freenet is
> famous for (i.e., everybody considers it obvious except for me. B-)?
>
> I'm just not sure I grok the goals.
>
> IC> What if we define a new address type, called a "Shadow
> IC> Address", which looks like this:
>
> IC> stcp/x.x.x.x:yy/PUBKEYPUBKEY/CYPHERTEXTCYPHERTEXT
>
> IC> Where the cypertext is a node address (with some added random
> IC> salt to thwart traffic analysis) encrypted using the public
> IC> key. When a node wishes to send a message to a ShadowAddress
> IC> they must forward it to the node at x.x.x.x:yy which will
> IC> decrypt it and forward it to the decrypted address.
>
> So, if I understand the advantage of this, it's that outside nodes
> (yes, I can't help thinking of "inside" and "outside") will still be
> able to have unique addresses for "inside" nodes, but all requests
> will route through the "shield" node? Is that right?
>
> And all the shield node does is provide an address-rewriting service,
> kind of like a PGP mail anonymizer. In fact, maybe it wouldn't hurt to
> support shadow chaining....?
>
> One thing I'm not sure of, though: what's the advantage of having lots
> of shadow addresses out there, if all messages still have to go
> through the "shield node"? I see that it's a different mechanism, but
> I'm not sure I understand the topological difference between shadow
> addresses and clusters.
>
> On first glance, though, this sounds like it would do a good job of
> replacing "clustering" without actually doing any clustering. B-)
> Although it -does- kind of draw more attention to a shield node than a
> clustering system would (since no one would know that a gateway was
> actually a gateway, but a shield node's IP address goes out with every
> shadow address).
>
> However, shadow addresses still don't deal with "shy nodes."
Allow nested shadow nodes - a shield node can also be a shadow node.
However, this would probably result in even less efficient operation
of Freenet.
--
Travis Bemann
Sendmail is still screwed up on my box.
My email address is really [EMAIL PROTECTED]
PGP signature
