On Thu, Jul 19, 2012 at 6:18 PM, Guess Who? <[email protected]> wrote:
> What you want to do is find people that you believe are trustworthy. So if > you just have a few friends that send files around, that is fine. Sooner or > later you will all have the same files. So you have to gather new friends. > So how do you do that? > > If you are like me you will look for people that appear trustworthy (they > have nice ratings as being reliable). So you'll try to develop a > relationship with them. At that point you are vulnerable. They can send you > files that are incomplete, corrupted or outright wrong. So you are going to > publish a nic against their rating. But they can create new pseudo friends > that claim they are reliable and over whelm your little nic. > > All your little scenario will do is convince you they aren't trustworthy, > and perhaps your close friends. But everyone else will not be any more > sure. It comes down to the fact that only when you start trading stuff do > you really have a clue if they are trustworthy. You might as well just > randomly pick a person and start the transfer. We're talking about a system where all content is authenticated via a capability access control system. In such a system, the people you are trusting are the content curators, not the people who are distributing the content along the way. Sybils can do many malicious things, but they can't forge content, short of subverting the cryptographic primitives the system uses to authenticate content. I'm presently using HKDF. -- Tony Arcieri
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
