On Sunday 09 Dec 2012 00:04:53 Steve Dougherty wrote: > > On 12/08/2012 06:05 PM, Matthew Toseland wrote: > > On Saturday 08 Dec 2012 03:11:28 Steve Dougherty wrote: > >> On 12/05/2012 01:55 AM, Robert Hailey wrote: > >>> > >>> On 2012/12/04 (Dec), at 8:10 PM, Arne Babenhauserheide wrote: > >>> > >>>> Am Donnerstag, 1. November 2012, 21:30:35 schrieb Matthew > >>>> Toseland: > >>>>> - More work on making darknet easy. > >>>> > >>>> Yes, please! > >>>> > >>>> How about automatic insert of my noderef as CHK, so I can > >>>> just hand a friend an in-freenet-link to connect? > >>> > >>> So you want a sort of... "open invitation"? Whoever finds the > >>> chk can become a darknet peer... unless the operator has put a > >>> count-limitation on it, or since disabled it manually (via an > >>> open invitations list?). > >>> > >>> An interesting idea, and not a bad one either, as it would be > >>> a necessary first step for the welcome-package idea anyway as > >>> the "one_time_token.txt" is effectively a limit-1 > >>> open-invitation. > >>> > >>> It seems like it would remove 50% of the handshake process for > >>> those who find it "secure enough" for their purposes, but I > >>> think Matthew said something about it not gelling well with > >>> darknet-only nodes being "undetectable" (that they would have > >>> to respond to an unverified request or something). > >> > >> Would it be reasonable to have the installer packaged with a seed > >> such that the public key of the node installed with it could be > >> recognized? This seems like it'd mean knowing the private key > >> too, but if someone runs an invitation bundle from someone else, > >> they probably trust them anyway, seeing as how they're > >> connecting via darknet. Hm. Thoughts? > > > > Including seednodes for opennet is possible but IMHO pointless, > > since they are harvestable even if we don't distribute them > > centrally, and since we optimise performance by using as many of > > them as possible. Including FOAFs on the other hand is a *big* > > gain. > > I'm sorry, I was unclear. I meant a PRNG seed so that the link-layer > keys would be known, so the node handing out the invite could recognize > and accept a connection from the node installed with its bundle.
Yes, something like that - "one time cryptographic token".
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
