----- Original Message -----
From: "Yuan P Li" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 24, 2001 2:20 PM
Subject: [freenet-tech] security questions
> Hello,
>
> I have a few questions regarding security of freenet:
>
> (1) When some way wants to retrieve for example,
> MSK@SSK@sfsa2r2234/greatsite//
> are "greatsite" and "MSK@SSK@sfsa2r2234" sent via clear text over
> the internet?
No. First off, the MSK@ doesn't really exist. The client stores that and
when it gets information from the node uses it. Now, the
SSK@sfsa2r2234/greatsite part gets sent over the internet, although it's
hashed first. Then it's sent to your local node which requests it from
another node. At some point you get back the data, the client decrypts the
data coming from the node.
Now comes the MSK part. The client looks at the file, treating it as the
special keytype msk, and sees that you are using the blank name. it looks
inside the file and finds out the key to request for the specific piece of
data. Then it requests the (usually) CHK for the data with all the security
stuff still going.
> (2) How does one node learn other nodes, and how is the information
> stored?
It's sent out during inserts and requests along with the data. Nodes can
change it en route (right now on insert every node that touches the data
changes it). Transient nodes don't send out their ip:port.
> Can a totalitarian government setup some nodes just to collect
> information such as the IP address of other nodes? It can then
> use this info to arrest everyone who uses freenet. (I mean
> technologically, can we prevent this to happen?)
A gov't can do that and there's nothing we can do to stop it. Even talking
only to trusted nodes won't really work.
> Probably most people on this list cannot imagine such things can
> happy at all. But that is what is going on in China. Over their
> any encrytion is illegal unless registered with the government
> and the government has to have a backdoor. But I want to introduce
> freenet to China. Of course, we will not be allowed to register.
> Hope you can help me.
I hate to do this, but look at red rover (I know. I really regret saying
this, but it's probbaly a better system than freenet in china since having
something like freenet is probably illegal)
> **** BTW, we have the freenet jump start and some of the FAQ
> translated into Chinese. Do you care to post it your site or
> put a link for it?
I'm sure it could be posted, but right now freenet probably shouldn't be
used in china
> Regards,
> Yuan
-Mathew
_______________________________________________
freenet-tech mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/tech
