Hi, Why not take the simple way? The last time I had to reset my node I ran a swapbot that used irc to get some refs. If I remember correctly there is a project that creates an anonymous irc network. Why not have nodes create or connect to this network, at least some of the time, and use a standardized swapbot to get references. If a person running a node is willing to be less anonymous, we could even use freenode...
Comments? Ed On Tuesday 06 March 2007 05:37, Florent Daigni?re wrote: > * Volodya <Volodya at WhenGendarmeSleeps.org> [2007-03-06 05:44:35]: > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Matthew Toseland wrote: > > > I don't understand why a password and IP address is easier than a > > > one-time reference. I suppose it has the advantage of being able to > > > write it down - but for it to be secure it would need to be a one-time > > > password; you'd need to generate a new one every time ... > > > > > > Hmmm. Maybe we should provide both mechanisms? > > > > One thing that might be done is not having an increadibly secure password > > protection (just > > secure enough), but when somebody adds themselves via password they get > > added in the > > disabled mode, then the person tells you "It asks me to tell you to enable > > me" and you do > > so. If somebody intersepts the password in between and uses it, the second > > person will get > > a request to inform you that password has been used already, so you just go > > and delete the > > bugger who used it. > > > > In other words: Bring security away from the machine and to the person. > > > > - Volodya > > > > So far a node is *passive* and won't react upon reception of any unknown data. > If we want to tell the user that the password has already been used, we > would need to change that behaviour :/ > > I'm not sure it's a good idea. > > NextGen$ > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl >
