I am trying to disentangle the whole "easier reference swapping" discussion. So let's have one thread per proposal, shall we?

One-time references
===================

Fproxy provides an interface to produce one-time references. These consist of a file, including:

- The node's current IP addresses (all of them)
- A deadline after which the reference is no longer valid
- A blob of data which is recorded by the node in permanent storage for that period
- Symmetric encryption keys for the setup process (these are unique to this one-time reference)

When a one-time reference is double-clicked or otherwise fed to a node, it will connect to the node by the given IP, verify that it has the blob of data via a challenge/response protocol, and full noderefs will be exchanged. The blob will be removed from persistent storage; they are not re-usable.

Dependencies
------------

The node issuing one-time references must be able to receive packets from anywhere on the internet. So we need UP&P.

Easy extension
--------------

This can easily be extended to the ability for fproxy to produce a binary installer which includes a one-time noderef.

Attacks
-------

The one-time reference MUST be delivered securely. If it is sent through a cleartext channel it may be intercepted (which gives away that you are running a node) or replaced via a Man-In-The-Middle attack (resulting in the attacker being connected to both the issuer and the recipient).
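
The redemption step described in the proposal, as an added sketch that is not part of the original post and not Freenet code. It assumes the issuer challenges the connecting node, that the challenge/response is HMAC-SHA256 under the per-reference key, and that references are looked up by a SHA-256 of the blob; the Issuer class and all function and field names are hypothetical.

```python
import hashlib, hmac, os, time

def ref_id_of(ref):
    # Assumption: the blob's SHA-256 is the lookup handle sent on connect.
    return hashlib.sha256(ref["blob"]).hexdigest()

def respond(ref, nonce):
    # Recipient side: prove possession of the blob without sending it.
    return hmac.new(ref["key"], nonce + ref["blob"], hashlib.sha256).digest()

class Issuer:
    """Issuing node: stores each blob and key until redeemed or expired."""
    def __init__(self, addresses):
        self.addresses = addresses
        self.pending = {}     # ref_id -> (blob, key, deadline)
        self.challenges = {}  # ref_id -> outstanding nonce

    def issue(self, lifetime_s, now=None):
        now = time.time() if now is None else now
        ref = {"addresses": self.addresses, "deadline": now + lifetime_s,
               "blob": os.urandom(32), "key": os.urandom(32)}
        self.pending[ref_id_of(ref)] = (ref["blob"], ref["key"], ref["deadline"])
        return ref  # contents of the one-time reference file

    def challenge(self, ref_id):
        if ref_id not in self.pending:
            return None  # unknown, expired, or already redeemed
        self.challenges[ref_id] = os.urandom(16)
        return self.challenges[ref_id]

    def verify(self, ref_id, response, now=None):
        now = time.time() if now is None else now
        nonce = self.challenges.pop(ref_id, None)  # each nonce is used once
        record = self.pending.get(ref_id)
        if nonce is None or record is None:
            return False
        blob, key, deadline = record
        if now > deadline:
            del self.pending[ref_id]  # past the deadline: drop the blob
            return False
        expected = hmac.new(key, nonce + blob, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return False
        del self.pending[ref_id]  # single use: blob leaves persistent storage
        return True  # full noderefs would be exchanged at this point
```

The check proves only possession of the file's contents, so anyone who copies or replaces the file in transit passes it, which is why the post requires secure delivery.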
