Good points! The system will operate fine when the central authentication (not security) is taken out; it's just that at that point in time User X will not be able to validate that file Y is authentic and really came from domain Z, for the first time. It's designed so that existing trusts, from www.cnn.com to their ISP, for example, will continue to operate. So the ISP and CNN will still be sure they have authentic files, but a new party, let's say another ISP, who wishes to get the CNN files from the first ISP, will not be able to validate that they are authentic files while the central authentication system is down. It's not like Napster, where the servers are part of the constant operation. Instead, the authentication service only comes into play when you log in (at a public kiosk, not to a LAN), get somebody's public key, or wish to "challenge" a server or user to prove they're authentic.

I was set on designing it so the root object isn't a liability. There's a bit of a catch-22 to requiring somebody's ID, in order to be sure you're talking to the real person, yet keeping that person's ID confidential. The method I use is a zero-knowledge-based authentication protocol. Basically, by proving that you have a shared secret, you are identified as being the person you say you are. There is an additional step to it, but I won't go into the detail. I also use IPsec, based upon the shared secret, to prime the encryption, so an eavesdropper will never be able to obtain any confidential information by watching the authentication process.

Other than my method of achieving permanent caching, I'm really really proud of the authentication system, because it's so simple. I bet it will be used for far more uses than a file system. With this design, you can create groups, and assign users (on a global scale) to that group, and only those members will be able to use (decrypt) the data.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of [EMAIL PROTECTED]
Sent: Sunday, May 13, 2001 6:31 PM
To: [EMAIL PROTECTED]
Subject: Re: [freenet-tech] RE: [freenet-chat] RE: I've designed a global file system,...

I'm not a Freenet developer (let me make that clear), I'm just sort of monitoring conversations for something interesting. I have to say that a centralized security system is not going to work too well; it will have the same problems as Napster: take out the centralized system and you destroy the network. The point of decentralized is so that the network still exists/works even if you take out the big boys in the network.

I also monitor the JXTA mailing list for interesting discussions, and one of the discussions that came up was distributed security or distributed trust. Think of that old saying, you can fool most of the people some of the time and you can fool some of the people most of the time *but you can not fool all of the people all of the time*. The basis is that a P2P trust system could be built. The only issue that arises after this is not so much if a peer is trying to fool you, but if there is a conspiracy. The other thing that comes up is reputation, using reputation to know whether someone is a good source of information or a bad source of information; reputation does not mix with anonymity. You might want to read through the JXTA mailing list, if not for the protocol of JXTA, then for the discussions therein.

The way I see it though, is to give government no basis for information property: create a network that pays publishers/content creators (as well as computers to process data), and the excuse that they need a monopoly goes away, and gives an easier job to academics, lawyers and politicians to get it abolished. I have presented my idea on how such a thing could be achieved in this mailing list once in the past and in JXTA some time ago.

Leyland Needham

_______________________________________________
freenet-tech mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/tech
