Nicholas Weaver wrote:
Closed world networks work when small, they fail when large. Its
exactly the botnet analysis problem, and there is a lot that can be
done once you get a single node, let alone the ability to participate.
Agreed, but these networks may in fact be relatively small.
If you carefully control admission and use some group key games, you
MIGHT be able to do it, but I wouldn't count on it.
You can invite individual nodes with cryptographic certificates as
credentials. It requires having the client code and posessing a valid
invitation certificate to join. In the real world, that can be made hard
to come by.
A) Then don't use localization for such a sensitive application!
This application you describe views the network as an opponent, so you
aren't going to want to use external localization services at all!
Period. Because just the ACT of querying tells the localization
service information, as well as node information, and a bunch of others.
This is what developers should do, yes. But in some cases they want to
make a tradeoff between more security and getting the locality data.
This is 2009... why there are *any* protocols being deployed that don't
have encryption, authentication, anti-tamper, etc. I don't understand.
B) An ISP vantage point doesn't just see one node, but a boatload of
nodes.
True.
My argument however is you are at a middle ground on privacy that is
ALMOST useless: active attackers and ISP level monitoring can rip
through so much of the privacy at the level you describe.
That such an application can't use a localization service is, to my
mind, a small loss: such applications shouldn't really exist anyway
because most of the privacy preserving is an illusion.
You may be right. However, developers have requested the ability to use
locality awareness without transmitting large lists of addresses as
plaintext. I can see their point, given my above comment about
development of highly insecure protocols for today's Internet.
Matthew Kaufman
_______________________________________________
alto mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/alto
