-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > > What efforts in the anonymity field do you follow? > > I follow the ones that interest me, sorry to burst your bubble but > I2P isn't really one of them.
Its fine not to have an interest in something, but one would expect that someone running a project building a PET would have at least some literacy in the state of the art in PETs. If not in I2P, in Tor. I'm not saying this in the "omg you, like, suck, man" way, but in the "you have no idea what you're talking about, yet you keep talking about it" way. > I think Tor is much more likely to be the dominant application > in your part of the design space. Tor is really interesting, and I do recommend people to use both I2P and Tor. I don't think Tor is viable long term though, as it has inherent scarcity issues (the plan for dealing with P2P users is to make Tor too slow for them, last I heard). Tor's circuit switched nature also makes it hard to adapt to changing load, while I2P's packet switching can and does reroute, in addition to running multiple paths in parallel. Tor also currently depends on the ORs to be honest in publishing their available resources, while I2P assumes everyone lies, so every router builds its own profiles. But anyway, an I2P v. Tor comparison is interesting, but there are more appropriate venues for such a discussion [1]. [1] http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/router/doc/ techintro.html?rev=HEAD#similar.tor Now, whether Freenet uses Tor or I2P is of no matter, but there should at least be an informed reason why not. You don't seem to be well informed about either, yet quite aware of both. > I2P requires a DHT, and DHTs don't meet our requirements, because > they invariably rely on choosing which peers are connected, and > that precludes trusted links. This gets back to what I said above - you're not paying attention to the work in the DHT field either. Or to the posts in this thread so far, or the numerous links I've posted describing why your conclusion is false. > I can respect the fact that I2P has different design goals to > Freenet, why can't you? Of course I do - Freenet is working on building a censorship resistant data store, while I2P is working on building an anonymous communication network. The two are complementary. Why am I suggesting to the Freenet team that they do something differently? Because I care. I want you to succeed, to build a censorship resistant data store. The world needs it. I don't want to have to build it. I don't want you to waste another 5-7 years. > I2P doesn't really interest me as an architecture for the reasons > outlined above and in previous emails, so I don't apologise for > not being a member of your fan club, nor do I expect you to be a > member of ours. No need to be a fan, just to know what you're talking about. You haven't taken the time to understand I2P, yet you keep saying you've "seriously considered" it. One of those statements is false. > You should be wary of forming opinions based on the last thing you > happened to hear. The problem with Tor was its decentralisation, but > the more fundamental problem with Tor that is the same problem that > I2P has, namely that both are trivial to harvest. Are we talking about the same Tor? You realize that only a small portion of the Tor userbase runs ORs, right? And that ORs are the ones publishing their server descriptors in the directory, right? And that work continues on allowing OPs to route for clients? That OPs are essentially peers behind restricted routes? Really, you should stick to what you know. > Why are you so insistent that we do things your way when your way > doesn't even meet our needs? That is pretty arrogant. I'd have no problem if an informed decision to run on top of Tor were made, or even an informed decision that none of the available PETs would suffice. Whatever works. I just hate to see scarce coder hours duplicated unnecessarily. > I am still waiting for a single credible critique of the 0.7 design, > or a single credible advantage that I2P, as a messaging layer, has > over what we have built for 0.7. To repeat myself, here are a few. * Economics. Developer hours are scarce, and Toad (et al) have a lot of work head of them, writing, debugging, and maintaining. Reusing code that someone else takes care of is economically sound. * Risk. Working code in the wild is a known quantity, while code planned is not. There are a lot of 'ifs' in 0.7's algorithms, where the degenerate case turns into what 0.5 offers. * Anonymity. Running on top of I2P would allow Freenet users to blend in with other I2P users. A less segmented anonymous user base offers a greater anonymity set. * Software engineering. The fact that Freenet is *again* building a monolithic system for anonymous communication and censorship resistance seems, unsound. If Freenet truly were better suited than I2P as a comm layer, it would be sound software engineering to build, deploy, and refine a comm layer and then, on top, build a censorship resistant data store, rather than doing them all at once in one big go. This is because censorship resistance has many parameters, as does anonymous communication, and replacing one separate component allows for easier testing and interoperability than a tightly integrated system. It is just bad software engineering to tie them all together. > I actually recommend that you study our messaging layer for 0.7, you > might find it useful in I2P (or does I2P only export code?). I2P uses jcpuid, which Iakin built for both Freenet to go along with I2P's jbigi. In addition, I2P reuses: jetty/apache/jasper [for our webserver and servlet container] xerces [for various xml processing] bouncycastle and cryptix [for various crypto routines] GMP [fast crypto] limewire [optimized SHA1, public domain] xlattice [for their bloom filter] jdom and rome [rss processing in Syndie] adam buckley's SNTP [for their SNTP code] mingw/launch4j [for building windows executables] izpack [a platform independent installer] java service wrapper [instance management] systray4j [offering a windows system tray] apache's xmlrpc [aum's Q] jstl [susimail's processing] As for 0.7's messaging layer, I haven't looked at it, as I2P's seems to work fine. I did browse through dijjer in the spring when I was designing I2P's though, but didn't seem relevent, as the interfaces were too tightly coupled to the algorithm. We did adopt [2] many ideas gleaned from SEDA and HTB though. [2] http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/router/doc/udp.png?rev=HEAD =jr -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDT/RAWYfZ3rPnHH0RAt3FAJ4zDrdHPY3ZhuDFS6fBqV/WRlr7FQCfXtMr r2qldUN6SboytHUYAln2AaU= =8gem -----END PGP SIGNATURE-----
