On Wed, Mar 29, 2006 at 07:22:02PM +0100, wrote: > The only problem with this is that there will be incompatible changes to > the format of noderefs later on... Should I sort that out now? Since we > are already using PK crypto (in SSKs), it shouldn't be a big deal...
Actually, it IS possible to do this staggered: - Add an optional pubkey to each node's reference. - Make it mandatory. - Sign the reference. - Check the signature. - Use the pubkey for authentication with a fallback. - Get rid of the fallback. > > On Wed, Mar 29, 2006 at 09:37:23AM -0800, Ian Clarke wrote: > > I think people generally do trust their friends, that is what makes > > them friends. I think we should go with the darknet, but make it easy > > for people to run a testnet node too (this process should be described > > separately though to avoid confusion). > > > > Ian. > > > > On 3/29/06, Matthew Toseland <toad at amphibian.dyndns.org> wrote: > > > At what point do we want to support true darknet? It may very well be > > > that we will actually get more testnet testers if we support a true > > > darknet as well, since many will run both networks. > > > > > > Do we have enough security at present to provide a true darknet? Well, > > > if you trust your friends, then I'd say just about; MITM is possible on > > > connection setup, that's the main issue. If you don't trust your > > > friends, no. -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060329/b8f964ae/attachment.pgp>
