On Tue, Jul 11, 2006 at 01:11:45PM -0400, Ken Snider wrote: > Matthew Toseland wrote: > >That's called "update over mandatory". There are two complications: > >1. We must be able to verify the signature on the update. We don't trust > >our peers *THAT* much that we'd deploy unsigned code from them! > >2. We must determine whether the revocation key has been blown. This > >means we must get a majority or universal verdict from a number of our > >peers on this fact. > > Can both of these not be solved with PKI? Simply signing the build with a > key under Freenet's control would solve the trust issue, and be verifiable > on a client independent of any network activity, yes?
That's #1. The complication is that we have to send the node all the keys involved so that it can verify the signatures. #2 is the other side of PKI: Key revocation. This is an essential part of any real world PKI system. > > --Ken. -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060711/b1f8ea55/attachment.pgp>
