Actually, it wouldn't require much to be done in the way of a gnutella change. Design points could be as follows:
Checkboxes "Allow Encrypted Communications", "Allow Unencrypted Communications". Server would open 2 ports and advertise each, with some sort of tag indicating encryption on one port. SSH overlay on the encrypted port, no underlying protocol changes required. Effectively perform an SSH tunnel. Clients would choose which port to use, preference should be given to encrypted ports where available. That's really all it would take, servers would be running both versions for a time, unless the operator didn't want to deal with operating unencrypted. The protocol change should be minor, basically just the addition of a second advertised port. Also: To address the question about ISP's detecting large encrypted connections on odd ports, maybe we could also allow wandering ports. I.e., allow the advertised port to change every so often. Effectively add a new port to the listened ports, advertise the new port instead of the old, and 10-60 minutes later, stop listening on the old port. On Tue, 2004-08-10 at 11:39, Paco Arjonilla wrote: > --- clayton rollins <[EMAIL PROTECTED]> escribiÃ: > > The meat of it: though I'll likely switch ISP's unless I get them to change > > the policy, I would like to help hack some code to subvert their blocking > > measures. I think some sort of proxying (encryption) could work. > > Though it would depend on a new protocol (or whatever), I think the > > idea is worth pursuing. > I proposed the idea of encrypting all sorts of communication, but it was > forgotten, so I also like very much the idea. However, if your ISP detects a > lot of encrypted traffic in rare ports it may also block you. It's also a > matter of how you send the data as well as what you share. Having a few > connections lasting for hours is suspicious. > The biggest problem of this is that the gnutella protocol team must agree, but > if it finally succeeds, everyone will have protection against RIAA & friends, > ISP blocking, etc.
signature.asc
Description: This is a digitally signed message part
