
[Freedombox-discuss] DHTs and Names



Bjarni Rúnar Einarsson <bre at pagekite.net>
writes:

> I would rephrase this to say that an OpenPGP fingerprint would be the
> globally unique identifier for one of the identities associated with a
> FreedomBox. :-)  Simply because the box might have more than one user.
>
> I think this is a really powerful idea and think generally it would
> make sense to use OpenPGP to "claim" or "verify" a set of URIs.  One
> should also be able to claim a self-signed SSL certificate, for
> compatibility with the web.
>
> ...
>
> It would be very important (for avoiding censorship) to have the
> ability to assert that multiple URIs all represent the same thing;
> thus I could publish the assertion that my personal website is at the
> following locations, in order of preference:
>
>     https://123412341243.onion/*
>     https://1.2.3.4/*
>     https://bjarni.pagekite.me/*
>     http://bjarni.pagekite.me/*
>
> ...
>
> Also,  when importing these OpenPGP identity documents, they could
> themselves *suggest* a petname for each set of URIs and when there is
> a clash it could be locally resolved automatically.
>
> I really think something like this is the right way to go.

Part of your idea is already possible: the FireGPG extension (for
Mozilla browsers) verifies signatures in pages.  Signing both documents
with the same key leverages the Web-of-Trust and solves the naming
issue.

This still doesn't resolve actual routing or delivering updates, though
those could be protocol-specific problems.

Perhaps a DHT of signed naming information would be useful?  Combined
with a routing daemon, we could connect people directly to one another
based on GPG keys (and the signed routing information) alone.  Namecoin
[0] and ncproxy [1] are already solving similar problems.
Unfortunately, I have no clue how to do this.  Studying DHTs, like
Kademlia, seems like a good place to start.

Hand-wavey crazy concept follows: this would even allow a
protocol-agnostic message system that sends the message along the most
appropriate or preferred protocol based on the message's contents.

Nick

0: https://github.com/vinced/namecoin

1: https://github.com/vinced/namecoin/tree/master/client

-- 
GPG: 0x4C682009 | 084E D805 31D8 5391 1D27  0DE1 9780 FD4D 4C68 2009
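An added example, not part of the original message or of any FreedomBox code: one way a client could check a naming record fetched from an untrusted DHT node before trusting its URI list or its suggested petname. It assumes Ed25519 keys and a SHA-256 key hash from the Go standard library as stand-ins for OpenPGP keys and fingerprints; Record, Fingerprint, NewRecord and Import are hypothetical names, and the seeds are constructed demo values.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Record is a hypothetical signed naming record, as a DHT node would store it.
type Record struct {
	PubKey  ed25519.PublicKey
	Petname string   // a suggestion only; the importer picks the local name
	URIs    []string // in order of preference
	Sig     []byte
}

// Fingerprint is the DHT lookup key; payload is the bytes the signature covers
// (%q quoting keeps the petname and each URI unambiguous).
func Fingerprint(pub ed25519.PublicKey) string { return fmt.Sprintf("%x", sha256.Sum256(pub)) }
func (r Record) payload() []byte { return []byte(fmt.Sprintf("%q %q", r.Petname, r.URIs)) }

// NewRecord signs a record with a key derived from a constructed demo seed.
func NewRecord(seed [32]byte, petname string, uris []string) Record {
	priv := ed25519.NewKeyFromSeed(seed[:])
	r := Record{PubKey: priv.Public().(ed25519.PublicKey), Petname: petname, URIs: uris}
	r.Sig = ed25519.Sign(priv, r.payload())
	return r
}

// Import checks a record returned for lookup key fp, then files it under a local petname.
func Import(book map[string]string, fp string, r Record) (string, error) {
	if len(r.PubKey) != ed25519.PublicKeySize || Fingerprint(r.PubKey) != fp {
		return "", fmt.Errorf("public key does not match requested fingerprint")
	}
	if !ed25519.Verify(r.PubKey, r.payload(), r.Sig) {
		return "", fmt.Errorf("signature does not cover this petname and URI list")
	}
	name := r.Petname
	for i := 2; book[name] != "" && book[name] != fp; i++ {
		name = fmt.Sprintf("%s-%d", r.Petname, i) // clash: resolve locally
	}
	book[name] = fp
	return name, nil
}

func main() {
	r := NewRecord([32]byte{1}, "bjarni", []string{"https://bjarni.pagekite.me/*"})
	fmt.Println(Import(map[string]string{}, Fingerprint(r.PubKey), r))
}
```

Because the lookup key is derived from the public key and the signature covers the ordered URI list, a storing node can withhold a record but cannot substitute or reorder one without the import failing.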
