On Tue, Jul 03, 2001 at 09:13:14AM -0700, Ian Clarke wrote:
> > - The model of having us try to be everybody's trusted peer is not a lot
> > better. All our conjectures about the safety of our model are based on
> > the absense of centralized points in the network - any single node is
> > too easy to manipulate. Ian believes that the issues produced can be
> > solved by "modifications", but those modifications are wack-a-mole for
> > each attack that is brought up - the fact remains that the entire threat
> > model has to go out the window if we design around a central element.
>
> So we can either wring our hands and gripe about the difficulty of
> creating a better public trusted seed node, or actually start thinking
> about how to build one. I have started by suggesting that local
> announcement messages not be cached. Perhaps, Oskar, your time might be
> well spent thinking about a new threat model for a public trusted seed
> node. Or perhaps we need a ground-up implementation rather than
> starting with an existing node and modifying it. Either way, if the
> choice is between losing 99.9% of our user base, and solving this
> problem, I choose the latter.
99.9%? You're not helping your side of the argument by making gross
exaggerations.. I think you are underestimating the feasibility of
having people obtain the initial nodereference(s) from sites other
than freenetproject.org.
> > Add to that the dubious topological effects of such a presence and you
> > have yourself a big headache.
>
> This is a separate issue, the announcement protocol is designed to
> counter such an effect. The current network topology survived the much
> more blunt instrument of inform.php.
Um, the current network topology is utterly ruined..
-tavin
--
: it's time we took labor saving away from machines :
: and gave it back to the people... :
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/devl
