-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Sean,
Have you looked at Retroshare? I think it implements pretty much everything you've described (IM-style contact list, pasting public keys to add contacts, DHT for peer discovery, file sharing and blog publishing over a P2P trust network). http://retroshare.sourceforge.net/ Cheers, Michael On 11/01/13 02:49, Sean Lynch wrote: > Hi, folks. I'm sure similar ideas to this have been discussed on > this list before, but I wanted to talk about an application that's > been living in my head for years and that I keep working on in fits > and starts, in the hopes that either someone will "steal" the idea > or decide to work on it with me to keep me motivated even when the > goal seems so far away. > > My apologies for the stream-of-consciousness nature of this post. > I don't have much time before I need to grab dinner and I've never > really written this all up in a coherent way before. > > My primary inspiration comes from Zooko's Triangle and the > realization that *all* existing naming schemes used for > communication are centralized. Email addresses and URLs are rooted > in the DNS, which is ultimately controlled by ICANN and the US > Government. I want people to "own" their own names, which means > self-assigned and self-certifying names, i.e. something based on > public keys or their hashes. > > Beyond that, like many people on this list, I'm interested in > chat, publishing, and sharing without the need to rely on some > corporation to provide resources other than connectivity (though I > have ideas on how to get around that, even). > > The application I envision is simple: its main window looks a lot > like Pidgin's contact list, but it also has a "Share" button that > works a lot like Facebook's composer, allowing you to send content > that's visible to everyone or some arbitrary subset of your > contacts. > > Contacts would be identified by their (Ed25519) public key. When > you add someone, you just paste their public key and type a "pet > name" for them, which is what would be shown in your contact list. > People could also associate various metadata with their public key > in a very similar way to how they do with PGP keys: with metadata > packets signed by themselves and other people, thus establishing a > web of trust that would enable search, the same way we can reliably > search for PGP keys but with an easier-to-use interface that will > always show someone's relationship to your current trusted > contacts. > > When you start the application for the first time, it prompts you > to generate a public key or import one (it could be generated from > a password, but this has some problems associated with it). It lets > you put any metadata you want on the key, then connects to the > network via an included list of seed peers, or you could type them > in yourself. The application would then maintain a list of known > reachable peers for future connections. > > Actual connectivity could be via Tor, I2P, or encrypted uTP. The > nodes would form a DHT used for lookup, bootstrapping, and quite > possibly publishing, ala gnunet. Another possibility would be to > use gnunet or freenet directly for the publishing part. > > Here are some possible implementation strategies. The only one I've > made any progress on so far is uTP: > > 1. uTP with our own DHT implementation for bootstrapping, lookup, > and storage of published stuff 2. I2P + Freenet, all embedded into > a Java app. 3. Tor + Gnunet, packaged together. 4. Completely > in-browser, using WebRTC and local storage. > > In general, everything would be based on signatures. You could mark > a post as spam simply by publishing a statement saying it was > spam, perhaps even with signed RDF. Everything would have a > self-certifying identifier based on content hashes. "Blog posts" > would just be signed Atom or something like that. Most publications > would be about other resources: file metadata and ratings, > recommendations of blog posts or authors (identified by public key > of course), claims that various items are spam, etc. You'd find > stuff via your web of trust the same way we use RSS and mailing > list subscriptions now. I could subscribe to the blog of any of my > contacts, trust their media ratings, etc. > > I guess you could call this a p2p, pseudonymous version of > Facebook, with all the same functionality and none of the privacy > problems because privacy would always be defined by encryption. If > you want something public, you post it in the clear. If you want > something seen by only your friends, you encrypt the encryption key > with each of their curve25519 keys. > > Comments and suggestions would be very much appreciated, and I'm > happy to answer any questions you might have about the idea and > what I've done so far after I eat dinner and drive home. > > > > _______________________________________________ p2p-hackers mailing > list [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJQ8XbSAAoJEBEET9GfxSfMKMMH/RocE76vPL5ER1CufpR59MPX N8EDDcINE7a0PLaw2JiPGc5vAE11gkrxeQ10HhVk9s7h2358BeYf0y6ccZaU50l0 9KD1JTj83HfNyTmiHvg/PuqVOVoCXFn2upO6tO5RD1s72dGVjto51+vTP0gBK/i9 TUntc354dZCFV2QyOHn4vbP/mvpho3QMNkh9oUiRHXS+DcreX3bOAUYqmg0pCbsX gSi++3S4vzU3KC96XfbBl1jQTfawe9EkwuuhWCFSgyQ0viakF8Pm04LorvZqF/2H whwEonlDlrQOHRkQcIp3jel/2r7ob3MhU7gPvnwOEijW71mRwQO5VG0VqJvnct4= =JPcw -----END PGP SIGNATURE----- _______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
