The recent Tor announcement is interesting. Some points: 1. Real Sybil attacks often do use a single IP range. => It's worth detecting and/or deterring this sort of thing, i.e. using IP scarcity on some level. Provided that it's not ridiculously hard. Here there is significant interaction between current opennet bootstrapping (seednodes), somewhat complicated proposals to harden it, and ShadowWalker (opennet tunneling, requires each node to be assigned a "shadow node" on creation to make sure it doesn't lie about its peers). 2. They are interested in socially-aware tunnel setup. So are we. We don't have a tunnel network. IMHO PISCES requires some level of decentralisation, and they'll probably go for one of the less-decentralised published proposals, but at the very least we need to investigate how Tor works before implementing our own tunnel layer, and maybe have some discussions about architecture. 3. We should really use their transport layer. Granted it's written in C, but we need our connection level crypto to be written in C, because you can't eliminate side-channels if you're doing encryption in Java. Plus they have a number of working transport plugins. I believe it's all stream based, so we may want to keep UDP as well, which leads back to getting Chetan's work finished/merged ...
Thoughts?
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
