> At Mon, 03 Mar 2008 16:59:05 -0500, > jiangxingfeng 36340 wrote: > > > > > I don't in principle have a problem with a separate non-normative > > > document containing security analysis of P2PSIP systems. > > > > > > However, I believe all of the security features need to be > part of the > > > core protocol and the core document, which is why we built them > > > into RELOAD. > > > > > > > > > With regard to security, IMHO, the most difficult part is how the > > system deal with the mailicious behavior. Although some papers show > > that if a large amount of peers are malicious, the system is > > impossible to be a safe one. But does it mean the malicious behavior > > need not be taken into account while design the core protocol? I > > don't think so. > > Nor do I. That's why RELOAD goes to quite a bit of effort to provide > correct functioning to the extent possible in the face of malicious > peers (at least in certificate mode). >
Thanks for your effort. For protecting system from malicious behavior, we may get new idea if we change the perspective how to watch the P2PSIP system. Now, I write what I'm thinking and hopefully it will be helpful to the P2PSIP WG. 1.It's hard to detect malicious behavior online. But the P2PSIP system, IMHO, should have a mechanism to check who has done the malicious behavior. So A peer, at least administrator of the overlay is able to use the mechanism while it is suspicious of the existence of malicious behavior. 2. On the other hand, the P2PSIP external functions, such as routing and storage, are realized by the action of serving each other. As compared to C/S service model, the server's process logic is not trusted any more in P2P system. So the client in the service model should have do something to faciliate the above audit mechanism or do some check whether the server in the service model has serve them according to the agreement between them. >From this regard, IMHO, the hop-by-hop reliablity model is more easily used in >this work. Let's get back to the specific services. There are two specific >services in P2PSIP system, one is routing service and the other storage >service. The routing service happen both hop-by-hop and end-to-end. In >end-to-end case, the client requesting the routing service wants to know >whether the real responsible peer gives the response and it also is called identity attack. As for storage service, it is end-to-end. any comments? Regards! JiangXingFeng _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
