Today's Topics:

   1. Re: Aardvark (Tavin Cole)
   2. Re: Protozilla (Timm Murray)
   3. Re: Aardvark (Sebastian Spaeth)
   4. Re: Aardvark (Tavin Cole)
   5. Re: Aardvark (Adam Langley)
   6. Re: Proposal: algorithm for forgetting documents in datastore (Timm Murray)
   7. Re: GMP/GCJ update. (Mark J. Roberts)
   8. Re: Using DOM for FProxy security (Timm Murray)
   9. Problems for splitting (Timm Murray)
  10. Re: Aardvark (Scott G. Miller)
  11. Killing Freenet (Re: [freenet-devl] Aardvark) (Mr.Bad)
  12. Re: Aardvark (Mr.Bad)
  13. Re: Aardvark (Peter Todd)
  14. RE: Aardvark (Benjamin Coates)
  15. Re: Announcement Protocol (Ruediger Kapitza)

--__--__--

Message: 1
Date: Thu, 1 Feb 2001 23:45:01 -0500
From: Tavin Cole <ta...@mailandnews.com>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
Reply-To: devl at freenetproject.org

On Thu, Feb 01, 2001 at 08:17:39PM +0100, Sebastian Spaeth wrote:
> >
> > What rock have you been under???
>
> Whoohoo not everybody can know all aspects of the keys without even
> having documented them.
>
> While I agree with you, we have to point out the dangers of KSK keys more
> to normal users. These reasons should e.g. definitely be in the
> Freenet FAQ.

Certainly the FAQ needs some overhauling, and we're obviously not getting
anywhere on the Freenet manual.. now if *cough* one of our Lyx proponents
would kindly explain how to get included files working, so we could each
work on a different section of the manual at the same time.. but who am I
kidding, I guess we're gonna be lucky if even 1 person works on it at a
time..

--
// Tavin Cole

--__--__--

Message: 2
Date: Fri, 2 Feb 2001 09:04:44 -0500
From: "Timm Murray" <ad...@madtimes.com>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] Protozilla
Reply-To: devl at freenetproject.org

Mark J. Roberts wrote on 1/28/01 12:05 pm:

>On Sun, 28 Jan 2001, Adam Langley wrote:
>
>> On Sun, Jan 28, 2001 at 12:58:03PM -0500, Scott G. Miller wrote:
>> > Damn you! FIRST POST!
>>
>> Yea, ok. Your post hadn't come thru when I sent mine. You win ;)
>
>This list SUCKS! They posted the SAME STORY a couple weeks ago!
>Whoever runs this thing must be an IDIOT! ;-)

Score: -1, flamebait

Timm Murray

-----------
Great spirits have always encountered violent opposition from mediocre minds
--Albert Einstein

--__--__--

Message: 3
Date: Thu, 01 Feb 2001 20:17:39 +0100
From: Sebastian Spaeth <sebast...@sspaeth.de>
Organization: University of Linköping
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
Reply-To: devl at freenetproject.org

> > OS> For fucks sake people, YOU DON'T LINK TO KSKS! It's fucking
> > OS> nuts!
> >
> > Why not? Jeez!
>
> What rock have you been under???

Whoohoo not everybody can know all aspects of the keys without even
having documented them.

>
> Linking to a KSK means "I want you to check out a document written by
> anybody who wanted to place a document under the term <KSK value> which
> may or may not be the same document I got when I requested that key."

While I agree with you, we have to point out the dangers of KSK keys more
to normal users. These reasons should e.g. definitely be in the
Freenet FAQ.

Sebastian

P.S. This reminds me quite a bit of the current DNS system, where the
cleartext->address converter is a point of weakness.

--__--__--

Message: 4
Date: Thu, 1 Feb 2001 14:31:30 -0500
From: Tavin Cole <ta...@mailandnews.com>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
Reply-To: devl at freenetproject.org

On Thu, Feb 01, 2001 at 11:38:42AM -0500, Scott G. Miller wrote:
> > An evil node can easily spoof a KSK. Plus someone else can easily steal
> Only if he knows its text key or dictionary attacks it.

Entirely feasible..

--
// Tavin Cole

--__--__--

Message: 5
Date: Thu, 1 Feb 2001 19:43:44 +0000
From: Adam Langley <a...@linuxpower.org>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
Reply-To: devl at freenetproject.org

On Wed, Jan 31, 2001 at 04:04:51PM -0800, Mr . Bad wrote:
> OS> For fucks sake people, YOU DON'T LINK TO KSKS! It's fucking
> OS> nuts!
>
> Why not? Jeez!

Because they're crap. KSKs should only be used when the others can't be
used (such as needing to remember it). In a hyperlink, strong keytypes
*should always be used* because there's no reason not to and many reasons
to.

Oskar just has a somewhat direct way of putting it ;)

AGL

--
The herd instinct among economists makes sheep look like independent thinkers

--__--__--

Message: 6
Date: Fri, 2 Feb 2001 09:04:49 -0500
From: "Timm Murray" <ad...@madtimes.com>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] Proposal: algorithm for forgetting documents in datastore
Reply-To: devl at freenetproject.org

Oskar Sandberg wrote on 1/28/01 5:32 pm:

<_
> (we could start suing people who make clients that don't do it!)

Better yet, if anyone breaks Freenet, sue them under the DMCA (Freenet
uses encryption, so it's 'breaking an encryption device').

Timm Murray

--__--__--

Message: 7
Date: Thu, 1 Feb 2001 13:41:25 -0500 (EST)
From: "Mark J. Roberts" <m...@statesmean.com>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] GMP/GCJ update.
Reply-To: devl at freenetproject.org

On Thu, 1 Feb 2001, Theodore Hong wrote:

> Well, I'm no authority on GCJ, but it appears to me that jlong is just a
> typedef for int64, which in turn is a typedef for long long. Maybe there's
> something wrong with g++'s handling of long long? You could try doing a
> bunch of test shifts and see if they give the result you expect. Another
> outside possibility - maybe other similar shifts work if they use << rather
> than <<=? What happens if you say "r = r << 32" instead?

Turned out to be a problem with the hex constants. I needed to typecast
them explicitly to jlong or they did not work properly.

--
Mark Roberts
mjr at statesmean.com

--__--__--

Message: 8
Date: Fri, 2 Feb 2001 09:04:50 -0500
From: "Timm Murray" <ad...@madtimes.com>
To: <devl at freenetproject.org>
Subject: Re: [freenet-devl] Using DOM for FProxy security
Reply-To: devl at freenetproject.org

Ian Clarke wrote on 1/28/01 11:27 pm:

<>
>Anyone fancy learning a new language (actually it is just Javascript)?

OK, Mr. Plugins-won't-work-for-all-browsers.

Timm Murray

--__--__--

Message: 9
Date: Fri, 2 Feb 2001 09:04:51 -0500
From: "Timm Murray" <ad...@madtimes.com>
To: <devl at freenetproject.org>
Subject: [freenet-devl] Problems for splitting
Reply-To: devl at freenetproject.org

I've said this almost every time file splitting comes up, but I'll say it
again.

Some types of data do not split well. For instance, RPMs (before I found
the light of Debian) segfaulted when I tried to use one that I had split.
I don't know why, but we should find out before splitting becomes
mandatory.

Timm Murray

--__--__--

Message: 10
Date: Fri, 2 Feb 2001 10:51:29 -0500
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
From: "Scott G. Miller" <scgmi...@indiana.edu>
Reply-To: devl at freenetproject.org

On Thu, Feb 01, 2001 at 12:52:34PM -0500, Mark J. Roberts wrote:
> On Thu, 1 Feb 2001, Scott G. Miller wrote:
>
> > > An evil node can easily spoof a KSK. Plus someone else can easily steal
> > Only if he knows its text key or dictionary attacks it.
>
> Or (and I'm not sure about this) if the KSK in question is searchable, and
> thus AFAIK must have its own text key in public metadata. True or false?

No, search results would never point to a KSK. For exactly this sort of
reason. KSKs are to be avoided at all costs whenever possible.

Scott

--__--__--

Message: 11
To: devl at freenetproject.org
Subject: Killing Freenet (Re: [freenet-devl] Aardvark)
From: Mr.Bad <mr....@pigdog.org>
Organization: Pigdog Journal
Date: 01 Feb 2001 14:03:40 -0800
Reply-To: devl at freenetproject.org

>>>>> "OS" == Oskar Sandberg <md98-osa at nada.kth.se> writes:

OS> How utterly depressing, widespread gratuitous use of KSKs WILL
OS> KILL Freenet, and not even people here care...

Really?! You think there's such a horrible misuse of KSKs that they're
going to kill Freenet?

We should be so lucky! Having so many people using Freenet that they get
namespace clashes... having so much content in Freenet that we could have
two files that would need the same name... Having data in Freenet that
was so important that someone would try to use aging-out to spoof it...
Having someone BOTHER to try to attack Freenet in the first place...

Man, what a wonderful world that would be!

~Mr. Bad

--
Mr. Bad <mr.bad at pigdog.org>
Pigdog Journal | http://pigdog.org/ | *Stay*Real*Bad*
"If it's not bad, don't do it. If it's not crazy, don't say it." - Ben Franklin

--__--__--

Message: 12
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
From: Mr.Bad <mr....@pigdog.org>
Organization: Pigdog Journal
Date: 01 Feb 2001 14:05:32 -0800
Reply-To: devl at freenetproject.org

>>>>> "OS" == Oskar Sandberg <md98-osa at nada.kth.se> writes:

OS> I apologize profusely for assuming that you had understood the
OS> first thing about anything in the several months you have been
OS> making noise here...

Hey, thanks. I apologize for expecting you to make sense or explain
yourself.

~Mr. Bad

--__--__--

Message: 13
From: Peter Todd <ret...@home.com>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Aardvark
Date: Thu, 1 Feb 2001 17:29:11 -0500
Reply-To: devl at freenetproject.org

On Thu, 01 Feb 2001, you wrote:
>
> > An evil node can easily spoof a KSK. Plus someone else can easily steal
> Only if he knows its text key or dictionary attacks it.

Not a big problem that. Any dedicated attacker could easily compile a
list of target KSK's and attack them. In the reverse direction I've
compiled a hash -> key list for my own use to find out what my node is
doing. I can identify about 0.1% of the data that goes through and I
spent only about 20 minutes compiling the list. Any dedicated person with
automatic robots would get a way, way higher result. Also dictionary
attacks, though expensive, can be done.

And finally I've had one of my keys, KSK@robots.txt, overwritten by
someone else. Though the key should soon drop out with the new
special-case of robots.txt in fproxy.

--
retep at penguinpowered.com
http://retep.tripod.com

--__--__--

Message: 14
Date: Thu, 1 Feb 2001 18:00:45 -0500
From: Benjamin Coates <coa...@mailandnews.com>
To: devl at freenetproject.org
Subject: RE: [freenet-devl] Aardvark
Reply-To: devl at freenetproject.org

> From Mr.Bad <mr.bad at pigdog.org>

>If you're suggesting only linking to CHKs, well, that's pretty wrong,
>and I don't think you understand the thread. I don't think we have a
>mechanism for doing date-based redirects with CHKs, unless I'm
>grievously mistaken. Same goes for SVKs.

Date based redirects do also work with SVKs.

--
Benjamin Coates

--__--__--

Message: 15
Date: Fri, 2 Feb 2001 20:01:32 +0100 (CET)
From: Ruediger Kapitza <rrkap...@stud.informatik.uni-erlangen.de>
To: devl at freenetproject.org
Subject: Re: [freenet-devl] Announcement Protocol
Reply-To: devl at freenetproject.org

On Thu, 1 Feb 2001, Oskar Sandberg wrote:

> On Thu, Feb 01, 2001 at 11:33:35AM -0500, Scott G. Miller wrote:
> <>
> > Alice can detect evilness though. If Mallory acting as Bob2 completely
> > fabricates the nodes above him on the chain, Alice will find out when she
> > tries to retrieve the keys those fake nodes sent back. If they try and
> > forge the x values then that will be detected, again by Alice. In either
> > case she can re-announce. Because the routes are random, the chances of
> > encountering the same Bob2 the second time are 1 in the number of
> > references in Bob1's datastore.
>
> Another thing we can implement, to help against the evil Bob2 problem is
> to allow Alice to start several announcement messages at once with the
> same id - one for every address she trusts from the start. That way having
> just two addresses from the beginning will halve the effect of an evil
> Bob2.

Okay this is just a guess:

If I was Alice I could ask some of my trusted nodes or only one (if it's
the node of my best friend) to give me some addresses with their PK. (Is
this possible?) Then they will immediately reply with a bunch of NodeRefs
from their Datastore. Now I would pick some of them and attach them to my
AnnouncementRequest. This means Alice decides which route the
announcement goes. First attached address first node, second address
second node ...

When the Request returns I can control the route. If something went
wrong, route or other things, I would change the route and restart after
some time. This means Bob1 (the first one of random selected NodeRefs)
knows which node is next after him. All the rest is the same except no
node can influence the route except the first node or nodes which I have
always to trust.

What's wrong?

Okay like in a Proposal:

AddressRequest
<common fields>

If Bob (there could be more than one) receives such a message:

AddressReply
NodeAddress1
NodeAddress2
...
AddressN

When Alice receives the message:
She picks up some of the addresses and sends a:

AnnouncementRequest
<common fields>
HopsToLive=n
CommitValue=hash(x0)
Introductee=<Alice's NodeReference>
NodeAddress1
NodeAddress2
..

Bob1 sends the next message to NodeAddress1 and pops it from the message.

After the first round Alice checks the PK against the route.

Ruediger

--__--__--

_______________________________________________
Devl mailing list
Devl at freenetproject.org
http://www.uprizer.com/mailman/listinfo/devl

End of Devl Digest
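
Added example (not part of the digest and not Freenet code): a simplified Python model of the KSK objections raised in messages 3, 4, 10 and 13, showing that a link by content hash can be checked by the client while a link by keyword cannot, and that keyword-derived keys can be matched against a word list. The SHA-256 derivations, the Node class and every function name here are assumptions made for illustration; Freenet's real key derivation differs.

```python
import hashlib

def ksk_key(name: str) -> str:
    """Model of a keyword-signed key: derived from the public name alone."""
    return "KSK:" + hashlib.sha256(name.encode()).hexdigest()

def chk_key(data: bytes) -> str:
    """Model of a content-hash key: derived from the document bytes."""
    return "CHK:" + hashlib.sha256(data).hexdigest()

class Node:
    """Datastore that returns whatever it holds under a key; it may be hostile."""
    def __init__(self):
        self.store = {}
    def insert(self, key: str, data: bytes) -> None:
        self.store[key] = data  # models the earlier copy having aged out
    def request(self, key: str) -> bytes:
        return self.store[key]

def fetch_ksk(node: Node, name: str) -> bytes:
    # Nothing in the name ties the result to one author or one document.
    return node.request(ksk_key(name))

def fetch_chk(node: Node, key: str):
    """Return the document only if its hash matches the key in the link."""
    data = node.request(key)
    return data if chk_key(data) == key else None

def guessable_names(keys_seen, wordlist):
    """Map observed KSK routing keys back to names found in a word list."""
    table = {ksk_key(w): w for w in wordlist}
    return {k: table[k] for k in keys_seen if k in table}

def demo():
    node = Node()
    original = b"User-agent: *\nDisallow:\n"    # constructed sample document
    replacement = b"someone else's document\n"   # constructed sample document
    link = chk_key(original)
    node.insert(ksk_key("robots.txt"), original)
    node.insert(link, original)
    # A second party stores different bytes under both keys.
    node.insert(ksk_key("robots.txt"), replacement)
    node.insert(link, replacement)
    seen = [ksk_key("robots.txt"), ksk_key("x9!qT7-unlisted")]  # constructed
    return (fetch_ksk(node, "robots.txt"),   # replacement, accepted unnoticed
            fetch_chk(node, link),           # None: substitution detected
            guessable_names(seen, ["index.html", "robots.txt"]))

if __name__ == "__main__":
    print(demo())
```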