--- Toad <[EMAIL PROTECTED]> schrieb: > It would not help at all because the insertor would > need all the keys, > and if it is compromized, it is the insertor that is > compromized. I was suggesting that the insertor have the certificate by serveral entities. You could email Ian, Dan, ect. the unfinished certificate and they could all sign and send it back to you, and you could insert with that certificate not ever having known the keys. Your right; if the inserter said hey Ian let me borrow your key, this idea does nothing.
> The solution is "revocable SSKs". Basically, you > have a list of SSKs to > check before allowing access to the site, and if any > of them have been > inserted, you flag up a big warning message saying > the site has probably > been compromized. Thus we could give a number of > trusted people other > than the insertor their own keys to insert if the > insert key is > compromized, and it would be checked before the user > views the site. > Although freenet loses data, these keys would spread > pretty quickly > given the frequency of them being requested. I would > want to test that > assertion though. The user interface would look > something like the > splitfile downloader, but of course it would be > cached and prefetched > for the front page links if any of them are > revocable. Here's another idea you could use with this one. How about a special Nuke setting. When I insert something like "NUKE ME" on an SSK, nodes cache this state extra long. They never allow it to be over written by an insert. When they get a request they return the "NUKE ME" up the chain (where it should also be cached some) and they insert the "NUKE ME". When they get an insert they return back up the chain a special return message which says somewhere up there someone tried to insert on this Nuked site. They send the "NUKE ME" certificate allong. Thus this hostile inserter should get encircled by nodes caching the "NUKE ME". This would allow party with the private key to self distruct the site. Of course then you have to figuar out some way to reinitiate trust. There is also the question if all SSKs should be Nuke-able. The Anarchy site would get killed :-(. __________________________________________________________________ Gesendet von Yahoo! Mail - http://mail.yahoo.de Logos und Klingelt�ne f�rs Handy bei http://sms.yahoo.de _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
