[Commotion-dev] a related crypto mesh effort: Neruda

Michael Rogers m-- at gmx.com
Wed Apr 11 21:28:14 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/04/12 15:39, Hans-Christoph Steiner wrote:
> Here's the proposal for an "open yet hardened overlay network" with
> similar goals to Commotion from the FreedomBox people.  I like 
> their idea for using the host key fingerprint as a normal IPv6 
> address, since they can be the same length.  This allows for 
> multiple crypto algorithms to be used, and might allow for more 
> transparent operation.

It might be worth looking at the Host Identity Protocol, which does
something similar:

http://tools.ietf.org/html/rfc4423
http://tools.ietf.org/html/rfc5201

Isaac Wilder <isaac at freenetworkmovement.org> wrote:
>> In particular, Neruda would be a distributed hash table whose 
>> search keys would be long-form GPG Key IDs, and whose values 
>> would be the IPv6 address currently associated with the key in 
>> question. (Search key and crypto key are therefore identical).

There's a privacy issue here that bothers me. Any participant in the
DHT can potentially track the IP addresses stored under a given GPG
key over time, thus tracking the location of the key's owner, and can
potentially see which IP addresses perform lookups for which GPG keys,
thus discovering social relationships.

(Sorry for sending two criticising emails in one day!)

Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk+F924ACgkQyua14OQlJ3thmACfZhfuBymamy5N0E9xjrfl79cu
qKQAoO/fxf678XpYYrRcYW0rGU/fOx+T
=7z9q
-----END PGP SIGNATURE-----
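To make the exposure described in this message concrete, the following is an added illustration, not part of the original email or of the Neruda proposal. It assumes Kademlia-style XOR placement with a replication factor of 2, and the node names, key IDs and documentation-range addresses are constructed.

```python
import hashlib
from collections import defaultdict

K = 2  # assumed replication factor: each record lives on the K closest nodes
NODES = [f"node-{i}" for i in range(8)]  # constructed node names

def dht_id(label: str) -> int:
    """Map a node name or key ID into the shared 160-bit ID space."""
    return int.from_bytes(hashlib.sha1(label.encode()).digest(), "big")

def holders(key: str, nodes=NODES, k=K):
    """Kademlia-style placement (assumed): the k nodes XOR-closest to the key."""
    return sorted(nodes, key=lambda n: dht_id(n) ^ dht_id(key))[:k]

# Constructed traffic: (time, operation, source IPv6 address, GPG key ID)
EVENTS = [
    (1, "store",  "2001:db8:a::1", "0xAAAAAAAAAAAAAAAA"),  # key owner at site A
    (2, "lookup", "2001:db8:c::7", "0xAAAAAAAAAAAAAAAA"),  # a contact resolves the key
    (3, "store",  "2001:db8:b::1", "0xAAAAAAAAAAAAAAAA"),  # owner moves to site B
    (4, "lookup", "2001:db8:c::7", "0xBBBBBBBBBBBBBBBB"),  # same contact, second key
    (5, "lookup", "2001:db8:d::9", "0xAAAAAAAAAAAAAAAA"),
]

def observe(events, nodes=NODES, k=K):
    """Return what each node learns just by serving the requests routed to it."""
    seen = {n: {"moves": defaultdict(list), "askers": defaultdict(set)} for n in nodes}
    for t, op, src, key in events:
        for n in holders(key, nodes, k):
            if op == "store":   # the stored value is the owner's current address
                seen[n]["moves"][key].append((t, src))
            else:               # the requester's address is visible to the holder
                seen[n]["askers"][key].add(src)
    return seen

if __name__ == "__main__":
    for node, view in observe(EVENTS).items():
        for key, moves in view["moves"].items():
            print(node, key, "address history:", moves)
        for key, askers in view["askers"].items():
            print(node, key, "looked up by:", sorted(askers))
```

In iterative lookups the nodes queried along the route also see the requested key, which this model leaves out.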


