On Tuesday 28 October 2003 05:24 pm, Toad wrote: > What makes you think this wouldn't be grossly exploitable? Publicly > writable TUKs seem a bad idea to me... the question is whether they are > worse than the alternative.
Well, not strictly publicly writable. (They have to be signed with the private key) allthough, with applications like frost the private key is easily acquirable as the board is public, after all. However if someone wanted to be malicious they can just as easily modify the board. What is really needed for something like frost is three key levels. 1. read/verify all keys. 2. limited write abilities 3. private key. The Private key would function as it does now. The first would read the TUK and be used to check the signatures of the other two. The Second would be another private key that would be able to increment TUK such that it can only increase it by one and the TUK is still verifiable. Ideally it would support an arbitrary number of keys of the second type. Here is how I would see this working: |[EMAIL PROTECTED]/TUK/_________| | int Edition; int minTimeBeforeUpdate;| | key publicKey #2; | | key publicKey #3; | | ... | | key publicKey #n; | |____signed - Privatekey #1. | |____Addition by key #3 | | int Edition+1; int TIME-Day; | |____signed - Privatekey #3. | |____Addition by key #2 | | int Edition+1; int TIME-Day; | |____signed - Privatekey #2. | |_____________EOF______________________| This way the master key can at any time add or revoke the other keys, and the other keys can increment the key. The node that receives an insert for a TUK it already has, checks the signature of the new edition and checks to make sure that they are only trying to increase the current version by one. If the master key sends an update it replaces the whole message, but it can still only increase the version by one (or none) or the node will return an error. Then a message board could have a manager, that could revoke people's ability to post there if they spam the board or what have you. At the same time it allows many people to send messages to it rapidly, as once they insert their message into the TUK the they have a spot claimed for their message. Even if two copies of the same TUK are updated at the same time on diffrent parts of the network, they can be combined into one. _______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
