On Wed, 2003-12-03 at 20:14, Toad wrote: > Something vaguely similar might be used post 1.0 for routing streams... > that has been planned for a while. > > I don't think the definition of some content as sensitive and some not, > at the network level, is necessarily a good idea.
It may not be a good idea, but it is forced upon us by court orders and laws and threats of physical harassment. When a notorious key becomes known (and the key of e.g. TFE would certainly be notorious), there will certainly be court orders against all known Freenet nodes barring them from routing that key. And if they continue to route the key in such a way that they can be proved to have routed the key, they will be in contempt of court or in violation of the law, and will be subject to arrest and seizure. However, if it cannot be proved that they routed that key, and if it cannot even be proved that they are running a node, then they are much safer. Under this design, they have a fair chance of not even being suspected of running a node, and an excellent chance of not being suspected of routing the key. Note also that FreeMixNet deals in connections, not content. To get content, you get a connection to a key which knows where to get the content, and discuss how to arrange delivery. FreeMixNet is not intended for delivery of large amounts of content across connections, and should have a mechanism to prevent it. > > I have no idea what you are talking about with anonymous connections - > how does trust work if they don't have identities? The endpoints are identified by their public keys. Trust is granted only after proof of the possession of the corresponding private key. The connections are anonymous in that the physical location of the two servers being connected are completely secret. Nodes which know the IP do not know what the traffic is, and nodes which know what the traffic is do not know where it is going physically. The nodes which know the IP of a server might suspect that it knows the private key corresponding to a public key which the server claimed to have a connection to, but they can't be sure that the server itself knows the private key. It might just have a connection to a server which does have the key. (Just like forwarded ssh-agents). But there are no nodes which know the IP of a node which knows a notorious private key (or even has a connection to such a node), since these keys are announced only after several levels of indirection. -- Ed Huff
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
