On Wed, Apr 26, 2006 at 09:48:41PM +0200, Florent Daigni?re (NextGen$) wrote: > > > > > > Imho we need to publish every known and valid ip addresses, even local > > > ones ; otherwise nodes on the same lan won't be able to connect (to both > > > outside and internal peers). > > > > Isn't that a security risk? Well, not to darknet peers I suppose? > > > > I don't see it as a security risk. Sending one handshake packet once a > while isn't a security problem imho.
I mean sending all our IP addresses. > > > Anyway we don't want to try such addresses unless we have a good reason > > to believe they will work e.g. if we have the same external IP detected > > through STUN ? > > ... whereas sending packets to an external well known 3rd party peer is ;) It's not a great security risk if many other apps also use STUN, but obviously it should be optional. > > Even if we bundle an ip-list of stun servers... a dns name... It will be > a convenient way to harvest. Only if only freenet uses STUN. If it is the case that most VoIP clients and most P2Ps use STUN, then it's not such a risk. > > > True multi-homing as you suggest would be fairly easy though, it's not a > > big deal. > > I'm not saying it's hard to do :) Just that it's pointless to do the > rest without the basis ;) > > NextGen$ -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060427/be6a818d/attachment.pgp>
