Assigning peer ids based on network topology would compromise both the
security and the reliability of the overlay.

The security properties depend on an attacker not being able to target
a particular peer id when they request a certificate.  If ids are
assigned based on network topology, then an attacker may be able to
figure out how to target a particular resource id to attack a specific
identity in the overlay.

Reliability is an issue because if ids are assigned based on topology
and an ISP goes offline, the overlay loses an entire range of peer
ids.  This means both that everything stored there will be lost
(especially since in Chord replicas are stored on successors) and it
will most likely overload the peer with an id immediately after the
ISP that went offline because it will suddenly be responsible for a
huge range of resources.

There are an awful lot of topology-aware DHT algorithms out there that
rely on other techniques to improve performance (such as selecting
fingers based on topology, which works with the most basic Chord
algorithm).  Pastry and Tapestry are two to start with.

Bruce

On Tue, Dec 2, 2008 at 8:26 AM, Xianghan Zheng <[EMAIL PROTECTED]> wrote:
> Hello,
> Is someone considering the mapping between the P2PSIP ID and physical
> location? I think it is necessary to think about it although it is not
> trivial and might cause some security problems.
> In the draft
> "http://www.p2psip.org/drafts/draft-licanhuang-p2psip-subsetresourcelocation-00.txt",
> however, the peer ID is formed as a domain name. Does that conflict with the
> concept that the ID should be a 128/160-bit integer?  Is it possible that each
> peer in one domain is assigned a similar identity? Any suggestions? Thank you.
>
> Best Regards,
> Xianghan Zheng
>
>
>
> _______________________________________________
> P2PSIP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/p2psip
>
>
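
The reliability argument in the reply above can be checked with a small simulation. This is an added example, not part of the original thread; the 32-bit ring, five ISPs of 40 peers each, three copies per key and the peer labels are all assumptions made for the demonstration.

```python
import bisect
import hashlib

RING = 2 ** 32   # demo id space (assumption; real overlays use 128/160-bit ids)
ISPS, PEERS_PER_ISP, REPLICAS, KEYS = 5, 40, 3, 20000   # constructed scenario

def h(label):
    """Hash a label onto the ring (uniform, topology-independent placement)."""
    return int.from_bytes(hashlib.sha1(label.encode()).digest()[:4], "big")

def holders(ring, key, n):
    """Chord-style placement: the key's successor plus the next n-1 peers."""
    i = bisect.bisect_left(ring, key)
    return [ring[(i + j) % len(ring)] for j in range(n)]

def outage(ids_by_isp, failed_isp):
    """Take one ISP offline; return (keys with no copy left, most keys any survivor inherits)."""
    failed = set(ids_by_isp[failed_isp])
    ring = sorted(p for ids in ids_by_isp for p in ids)
    alive = [p for p in ring if p not in failed]
    lost, before, after = 0, {}, {}
    for k in (h(f"key-{i}") for i in range(KEYS)):
        copies = holders(ring, k, REPLICAS)
        before[copies[0]] = before.get(copies[0], 0) + 1
        lost += all(p in failed for p in copies)      # every replica was inside the ISP
        heir = holders(alive, k, 1)[0]                # peer responsible after the outage
        after[heir] = after.get(heir, 0) + 1
    return lost, max(after[p] - before.get(p, 0) for p in after)

def topology_ids():
    """Topology-based ids: each ISP owns one contiguous slice of the ring."""
    slice_ = RING // ISPS
    return [[isp * slice_ + h(f"isp{isp}-peer{n}") % slice_
             for n in range(PEERS_PER_ISP)] for isp in range(ISPS)]

def hashed_ids():
    """Same peers with hash-derived ids, so each ISP is scattered over the ring."""
    return [[h(f"isp{isp}-peer{n}") for n in range(PEERS_PER_ISP)]
            for isp in range(ISPS)]

if __name__ == "__main__":
    for name, ids in (("topology", topology_ids()), ("hashed", hashed_ids())):
        lost, surge = outage(ids, failed_isp=2)
        print(f"{name:9s} keys lost: {lost:5d}  worst extra load on one peer: {surge}")
```

With topology-based ids, nearly every key in the failed ISP's slice loses all of its copies and a single peer just past the slice inherits the whole range; with hashed ids the same outage is spread across the ring.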