On Wed, May 03, 2006 at 09:32:08AM +0100, Michael Rogers wrote: > Matthew Toseland wrote: > >>* If it were possible to insert an ARK without third parties being able > >>to see whose ARK it was, might it then be possible for my neighbours to > >>retrieve my ARK by non-anonymous means, eg from a well-known server? > > > >Hmm what are you trying to do here? Certainly your reference could be > >published to a well-known server, but it'd have to be by your node... > > Here's what I had in mind: I'd insert my ARK anonymously into Freenet, > and my neighbours would first try my old address, then try to retrieve > my ARK from Freenet, and finally retrieve my ARK from a public "ARK > server" (analogous to a nym server) if none of their other neighbours > were online. > > But if the ARKs retrieved by my various neighbours look the same, the > ARK server will be able to create a map of the darknet. On the other > hand if each ARK is encrypted and signed with a different key, the ARK > server won't know that the ARKs retrieved by my various neighbours all > refer to the same node. It will still be able to harvest addresses, but > it won't be able to link them to one another.
Ummm... they are SSKs. They don't include cross-links: an ARK is exclusively about the one node. > > Another concern is that people might misuse the ARK server as a public > Freenet proxy by publishing arbitrary data inside ARKs, so the ARK > server might need to limit the number of requests per client per hour to > make this an unattractive option. Meaning it would get DoSed? Any centralized infrastructure is vulnerable... > > Cheers, > Michael -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/tech/attachments/20060503/fc1cda06/attachment.pgp>
