On Tue, Aug 20, 2002 at 11:17:40AM -0700, Ian Clarke wrote: > On Tue, Aug 20, 2002 at 08:24:56AM +0200, Joris Bontje wrote: > > On Mon, Aug 19, 2002 at 01:13:16PM -0700, Ian Clarke wrote: > > > [cut] > > > I would be reluctant to endorse IIP until it > > > has undergone some peer-review. > > > > Take a look at http://www.cypherpunks.to/ip/ > > "A promising potential solution for anonymous IRC appears to be the > > Invisible IRC Project [iiP]. cypherpunks are currently analyzing the > > code to assist in securing the protocol." > > A brief comment that people are in the process of analyzing the code is > hardly sufficient to justify my unquestioning trust.
I am just meaning that it is currently undergoing peer review. Ofcourse "beeing tested at the moment" doesn't mean a thing except that it is beeing tested at the moment. (Just like shampoo that is "dermatologicaly tested" doesn't say anything about the outcome of that test.) > When they come out with a paper detailing the following: > > - What do they mean by anonymity? > - What is the threat model? > - What assumptions do they make about the attacker? > - What smart people have tried to break their protocol? > Then I will be a little satisfied. I don't even know what they mean by > "anonymous" yet. Is it anonymous from an ISP - or just from other users of > the network? Is it anonymous for the NSA? Is it subject to traffic analysis? > Is it subject to MITM attacks? These are all fundamental questions that - to > the best of my knowledge - remain unanswered. Good questions, though most of those are answered in the documentation. (This doc is nowhere near an industrial strenght paper.) Personally I think that the main freenet channel shouldn't use IIP at all in its current state. Ping timeouts happen quite often due to connection problems between public relays and the (still) centralized ircd. There is only 1 ircd running, while most IRC networks have >10 ircd's distributed all over the world on very fast links. I would invite everybody to take a look or even contribute, but don't expect a 'ready' product. Joris Bontje / mids -- PGP Key: http://pgp.dtype.org:11371/pks/lookup?op=get&search=0xF19326A9 Key fingerprint = 730D 9B3A F406 F28A 957D 6397 31E8 6D4C F193 26A9 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20020820/c97de9ce/attachment.pgp>
