Suppose somebody is invited to a darknet Freenet by a friend. He
installs it. Then another friend invites him too. It is possible to gain
trust in Freenet on every new invite:
- An invite to Freenet contains:
  - A darknet reference.
  - A copy of the node binary.
  - Local settings e.g. default bookmarks.
  - Certificates i.e. a pointer to, and copy of, the current RSSK, and
    the chain of keys leading to the binaries.
  - Simple verification script.
- Freenet auto-updates from the official project freesite. This is a
revocable SSK. This is explained elsewhere.
- Freenet is originally installed into a virtual machine; not just a
JVM, a chroot jail or something.
- We get a second invite.
- We tell the first node about the second invite. It is given read-only
access to the contents of the invite. It verifies that the first is
valid: that the certificates are the same as, or are a valid version
of, the certificates the first node used. The first node can connect
to the existing nodes, and ask them for the latest version of the
RSSK.
- Then we run the second node in its own VM, given read-only access to
the first node. It will then do the same verification. It can check
the certs stored on disk, and it can contact the invitee.
- If there is a conflict, we can immediately detect it. We can tell that
the user installed a bogus version of Freenet. If it is the second
invite, we can be confident of this. If the first invite was bogus, we
have a good chance of detecting it, provided that the chroot happened
in the first place. Of course it probably didn't, unless the user is
especially paranoid and knowledgeable. But still, we have a good
chance of detecting people distributing bogus nodes: If we get an
invite which points to a different RSSK and has a different binary, we
know it is probably bogus.
- The more invites we have with the same RSSK, the more trust we can
have in Freenet being the real Freenet rather than some bogus Freenet
distributed by the Bad Guys.
- Obviously this is in addition to things like RSSKs and having people
watching the (mirrored to or on freenet) RCS.
--
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
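
The invite cross-check described in the message above, as an added example that is not part of the original post or of Freenet's code. It models an invite as an RSSK pointer, a key chain and a binary, and assumes "a valid version of" the certificates means one key chain extends the other; the `Invite` class, function names and all sample values are constructed for illustration.

```python
import hashlib
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Invite:
    source: str        # who handed us the invite (label only)
    rssk: str          # pointer to the current RSSK (constructed value)
    key_chain: tuple   # key fingerprints from the RSSK down to the binary
    binary: bytes      # copy of the node binary

    def digest(self) -> str:
        return hashlib.sha256(self.binary).hexdigest()


def compare(first: Invite, second: Invite) -> str:
    """Check a new invite against the one we already run."""
    if second.rssk != first.rssk:
        return "conflict"                      # different root: probably bogus
    a, b = first.key_chain, second.key_chain
    common = min(len(a), len(b))
    if a[:common] != b[:common]:
        return "conflict"                      # chains diverge under the same root
    if a == b:
        # Same certificates must lead to the same binary.
        return "same" if first.digest() == second.digest() else "conflict"
    return "valid-version"                     # assumption: one chain extends the other


def corroboration(invites):
    """Return (most common RSSK, invites agreeing on it, sources that disagree)."""
    counts = Counter(i.rssk for i in invites)
    rssk, agreeing = counts.most_common(1)[0]
    outliers = [i.source for i in invites if i.rssk != rssk]
    return rssk, agreeing, outliers


# Constructed sample data, not real Freenet keys or binaries.
ALICE = Invite("alice", "RSSK@constructed-root", ("k1", "k2"), b"node-build-A")
BOB = Invite("bob", "RSSK@constructed-root", ("k1", "k2"), b"node-build-A")
CAROL = Invite("carol", "RSSK@constructed-root", ("k1", "k2", "k3"), b"node-build-B")
MALLORY = Invite("mallory", "RSSK@constructed-other", ("x1",), b"node-build-X")
TAMPERED = Invite("dave", "RSSK@constructed-root", ("k1", "k2"), b"node-build-X")

if __name__ == "__main__":
    for inv in (BOB, CAROL, MALLORY, TAMPERED):
        print(inv.source, compare(ALICE, inv))
    print(corroboration([ALICE, BOB, CAROL, MALLORY]))
```

The key chain here is only compared, not cryptographically verified; a real check would validate each signature in the chain before trusting the comparison.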