On Tue, 23 Sep 2003, Tracy R Reed wrote:
> On Tue, Sep 23, 2003 at 11:20:50AM +0200, Some Guy spake thusly:
> > What trust issues? It should be impossible to
> > download a faulty build from such a freesite, since
> > the whole site would be certified by the private key.
>
> And if the key is compromised and a trojan build put in place?
>
> Those trust issues.

To explain: When the NSA busts down Toad's door and shoots him up with some happy drugs and he gives them the freenet private SSK key, how do we stop people from going to the (now compromised) site? Hell, if Ian and Matt get into a big fight and Matt leaves the project on bad terms, how do we take away his right to update the website?

We don't pretend that freenet is a TRUSTED network. There's no way to ensure the integrity of the key we put up there. That's why we're not setting an example by running a freesite. Yet.

There's some heavy-duty crypto and distribution issues involved in letting one person publish a signed document for the group yet the group can revoke that document if enough get together.

The "Obvious" answer would be a chain of trust. [EMAIL PROTECTED]/ refers to [EMAIL PROTECTED]/ refers to [EMAIL PROTECTED]/ refers to [EMAIL PROTECTED]/. All would be DBR, so within 24 hours anyone could stop publishing and "revoke" the final site. But that "trust" is misplaced, since nothing stops [EMAIL PROTECTED]/ from just referring to his own site.

With simple key-revocation schemes, you have the concept of "damaged" signatures. A "group site" has 4 keys, 3 of which are needed to revoke it. Rogue member #4 publishes the site. 1-3 get pissed and publish a revocation key (that routes like the key it's hunting down). On every node that has the file, it "eats" that signature. When enough signatures are "eaten" it dies.

Except it doesn't work that way. All it takes is one cancer node to "miss seeing" the revocations and keep returning the rogue data. So, every node has to keep track of EVERY revoked key, and apply it to all signed keys going through its datastore? And what if it doesn't see the revocation?

It's not as trivial as people think.

--Dan

_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
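
The 3-of-4 "eaten signature" revocation described in the message above, as a small simulation added here for illustration; it is not part of the original post and not Freenet code. Assumptions: the member and node names are constructed, signature verification is abstracted to a membership check, and every revocation reaches every node, so only the node's own behaviour varies.

```python
from dataclasses import dataclass, field

GROUP = frozenset({"member1", "member2", "member3", "member4"})  # constructed names
THRESHOLD = 3  # revocations needed before a node drops the document

@dataclass
class Node:
    name: str
    applies_revocations: bool = True  # False models the node that "misses" them
    store: dict = field(default_factory=dict)       # doc_id -> publisher
    revoked_by: dict = field(default_factory=dict)  # doc_id -> set of revoking members

    def is_revoked(self, doc_id):
        return len(self.revoked_by.get(doc_id, ())) >= THRESHOLD

    def insert(self, doc_id, publisher):
        # Revocation state must outlive the document, or a re-insert revives it.
        if publisher in GROUP and not self.is_revoked(doc_id):
            self.store[doc_id] = publisher

    def receive_revocation(self, doc_id, member):
        if not self.applies_revocations or member not in GROUP:
            return
        self.revoked_by.setdefault(doc_id, set()).add(member)
        if self.is_revoked(doc_id):
            self.store.pop(doc_id, None)  # enough signatures "eaten"

    def fetch(self, doc_id):
        return self.store.get(doc_id)

def simulate(revokers, silent_nodes=()):
    """Return the names of nodes still serving the document after revocation."""
    nodes = [Node(f"node{i}", applies_revocations=f"node{i}" not in silent_nodes)
             for i in range(5)]
    for node in nodes:
        node.insert("group-site", "member4")
    for member in revokers:
        for node in nodes:
            node.receive_revocation("group-site", member)
    return [n.name for n in nodes if n.fetch("group-site") is not None]

if __name__ == "__main__":
    quorum = ["member1", "member2", "member3"]
    print(simulate(quorum))                          # every node applied it
    print(simulate(quorum, silent_nodes={"node2"}))  # one node never did
```

A requester routed to the silent node still receives the revoked document, and an honest node stays clean only because it keeps the revocation record after deleting the data.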
