[Commotion-dev] a related crypto mesh effort: Neruda
Jeremy Lakeman
Jeremy.Lakeman at gmail.com
Wed Apr 11 23:23:00 UTC 2012
On Thu, Apr 12, 2012 at 6:58 AM, Michael Rogers <m-- at gmx.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 06/04/12 15:39, Hans-Christoph Steiner wrote:
>> Here's the proposal for an "open yet hardened overlay network" with
>> similar goals to Commotion from the FreedomBox people. I like
>> their idea for using the host key fingerprint as a normal IPv6
>> address, since they can be the same length. This allows for
>> multiple crypto algorithms to be used, and might allow for more
>> transparent operation.
>
> It might be worth looking at the Host Identity Protocol, which does
> something similar:
>
> http://tools.ietf.org/html/rfc4423
> http://tools.ietf.org/html/rfc5201
>
FYI, the 802.11 ai working group is currently reviewing something like
HIP to authenticate a device with any access point and allow for
charging for usage.
> Isaac Wilder <isaac at freenetworkmovement.org> wrote:
>>> In particular, Neruda would be a distributed hash table whose
>>> search keys would be long-form GPG Key IDs, and whose values
>>> would be the IPv6 address currently associated with the key in
>>> question. (Search key and crypto key are therefore identical).
>
> There's a privacy issue here that bothers me. Any participant in the
> DHT can potentially track the IP addresses stored under a given GPG
> key over time, thus tracking the location of the key's owner, and can
> potentially see which IP addresses perform lookups for which GPG keys,
> thus discovering social relationships.
>
> (Sorry for sending two criticising emails in one day!)
>
> Cheers,
> Michael
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iEYEARECAAYFAk+F924ACgkQyua14OQlJ3thmACfZhfuBymamy5N0E9xjrfl79cu
> qKQAoO/fxf678XpYYrRcYW0rGU/fOx+T
> =7z9q
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Commotion-dev mailing list
> Commotion-dev at lists.chambana.net
> http://lists.chambana.net/mailman/listinfo/commotion-dev
>
More information about the Commotion-dev
mailing list