On 23/10/15 04:16, Steve Dougherty wrote: > On 10/16/2015 11:13 AM, Ian wrote: >> On Thu, Oct 15, 2015 at 6:38 PM, <salutarydiacritica...@ruggedinbox.com> >> wrote: > ... >>> I'm questioning if the overhead of designing and maintaining yet another >>> anonymity protocol makes sense given Freenet's current situation. You can >>> concentrate on polishing Freenet UX and storage algorithms instead and >>> leave the anonymity to Tor. >> As I already said in my previous email, that is nonsense. Freenet's >> "anonymity" is at the core of what Freenet is. You can't just "unplug" the >> anonymity and plug Tor in in it's place. It doesn't work like that. > While it's true that we can't exactly "leave the anonymity to Tor," I do > think we could be able to make use of Tor. If we can get a TCP transport > plugin working people can set up a node as a hidden service and reduce > the visibility of running a node. Maybe but given the performance implications for opennet we should probably keep connections over Tor separate from ordinary connections.
Using it for the first hop has several complications: 1. Moral hazard: We need to do some serious work on darknet usability first / at the same time. 2. Bandwidth: Are Tor happy with it? 3. Performance impact on opennet routing: Torified nodes will normally be slower, so may have difficulty maintaining connections. 3. Discovery: How do we find nodes? They probably won't be returned via path folding? Do we want to forward ordinary requests to them occasionally even though they are too slow to stay in the main routing table? 4. Do we need a completely separate node, with a separate identity, location, peers and datastore, for the Tor side? Then it won't have any ordinary opennet connections! How do we get from one to the other? Hence we probably want to see Torified opennet nodes as a first-hop hidden service, accepting requests and inserts but not forwarding them to its anonymous clients. We'd likely need to roll our own discovery protocol, and it would be distinct from ordinary routing and path folding. Although conceivably we could ask Tor to add support for advertising relaying to Freenet from their directory of exit nodes... Conclusion? Far from easy, costs performance, and making darknet easy may be a better way to improve security. Although both darknet and Tor can be blocked.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl