Matthew Toseland wrote: > That's called "update over mandatory". There are two complications: > 1. We must be able to verify the signature on the update. We don't trust > our peers *THAT* much that we'd deploy unsigned code from them! > 2. We must determine whether the revocation key has been blown. This > means we must get a majority or universal verdict from a number of our > peers on this fact.
Can both of these not be solved with PKI? Simply signing the build with a key under Freenet's control would solve the trust issue, and be verifiable on a client independent of any network activity, yes? --Ken.
