Francois Deppierraz wrote: > pb://[email protected]:53345,tahoe.ctrlaltdel.ch:53345,another-hostname:53345/introducer
Great idea! > The private key of this introducer will be kept by Zooko and myself for > new. I'm wondering about the security implications of publishing it to > the world. That would allow someone else to take over the introducer > duty if the current one disappear. Someone who posesses the private key (and can cause client traffic to go to a computer under their control, either by controlling your IP routing, the DNS mapping, or by just running one of the named computers normally) can effectively define the grid: they can control which servers are used by any given client. That means a client could be forced to see a subset of the "correct" server list, or none, or an entirely separate network. Note that this only affects availability, not confidentiality or integrity. That said, for our purposes, I think it'd be fine to publish this private key, or merely hand it out to anyone who asks for it. Incidentally, we should only run one introducer at a time. Clients will attempt to connect to all of the FURL's "connection hints" simultaneously, and the first correct response will win. So we shouldn't spin up a new introducer until we're sure the old one is dead. (the consequence of having two running at the same time is like an IRC netsplit: the grid will split into two pieces, and you'll only be able to see the nodes that connected to the same introducer as you). > We still need a third person willing > to provide a DNS record and the duty of keeping it up to date in case > the introducer has to move. I can run a third. Name it "testgrid.lothar.com" and I'll set up the DNS mapping later. thanks!, -Brian _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
