Saikat Guha wrote: > On Thu, 2008-08-14 at 19:45 -0700, David Barrett wrote: >>>>>> Usability, security, decentralization. Pick any two. >> Show me a single usable, secure decentralized system. Even just >> password protected identifiers will do. Just a hotmail level of >> security where if I change my password, you can no longer impersonate >> me. > > While I agree in general that p2p with a small infrastructure core is > the way to go, I don't think the three properties you mention are > fundamentally mutually exclusive. > > Mind you by presupposing passwords as a synonym for security, you are > fundamentally precluding decentralization. After all, a password is > something the one other person (your provider) can verify. A better > model is user-generated keys ... such as with PGP. No central server > required.
Even with PGP you need some way to get my public key in the first place. And unless we're using a sneakernet, that way is usually a centrally-secured service of some kind. On the other hand, if there is no identity to impersonate then the meaning of "security" differs considerably, and that's a separate discussion entirely. In particular, pirate networks actively *eliminate* identification, so their notions of security are entirely different. -david _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
