> For the record, I have stoped working on the DNS-over-Freenet
> because it needs a SECURE public namespace to work. There
> might be a way to do it with SSKs and CHKs only, but I haven't
> found it yet. The only ones I've thought of or have been suggested
> suffer from the same problems the current DNS system
> does.
This is a fundamental problem and I don't think there is a solution. A
public space is abusable. A private space must be controlled by someone
and therefore suffers from DNS-like problems of control.
I think you are incorrect, however, in saying that DNS-over-Freenet needs
a secure public namespace to work.
DNS-over-Freenet can work in the sense that you can give it a domain name
and it can give you an IP. If you use a public space for domain name
registration then domain names are not controlled by anyone in particular,
but can be changed by anyone. If you use a private space for domain name
registration then someone can censor or spoof your domain names.
That's just fine. It's not the utopia that you could hope for where you
have unspoofable anarchy, but that's okay since that's not possible. It
*is*, however, better than normal DNS in the sense that you have a
*choice* of who you want to trust with your domain name resolution. There
is not one central authority, but an arbitrary number of competing
authorities. If you don't like any of the domain name service providers
then you can use a public registry and hope for the best. So while it's
not the end all and be all of freedom and happiness, it's at least a step
up from DNS.
Plus it's got tolerance for server failures, unlike dynamic DNS services
currently. I myself use a dynamic DNS service which goes down frequently.
Oh, and in terms of address spoofing, it's not so much of a security risk.
DNS is already spoofable, so you should be using SSH/SSL/SCP for
everything anyway and that is resistant to spoofed DNS and will be
resitant to spoofed Freenet DNS as well.
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/devl
