[Freedombox-discuss] Decentralized naming (was: Introductions)

[Matthew Johnson]

On Sat Aug 28 02:40, Clint Adams wrote:
> On Fri, Aug 27, 2010 at 02:12:17PM -0700, Anthony Towns wrote:
> > The completely decentralised approach would be to use a distributed
> > hash table and have each freedom box register an id as the key, and
> > their location as the data -- then you just need to find some other
> > freedom box to join the hash table initially, and your friends' ids in
> > order to be completely connected, and cope with dynamic IPs and
> > whatnot. Likely a good thing overall, but getting email and social
> > networks working is probably a bigger win for the masses.
> 
> People already exchange 16-digit numbers to establish social
> networking relationships through their non-free game consoles.
> If this can be adapted to work without a centralized authority,
> I think we have a reasonable starting point with what seems like
> a low bar to entry in current practice.
> 
> If we also cultivate a culture where people are certifying each
> other's identities with the aid of QR codes scanned by their
> smartphones, and we have some sort of digital signing
> convention with which a freedombox owner can attest that the
> freedombox with a certain unique identifier is indeed associated
> with a particular person's identity, then we get the benefit
> of trust paths to both the people and the boxes.

I mentioned similar things in my reply about mobile devices. I think it's a
good idea to get these devices involved in the web of trust and use that in
order to get secure associations with friends. As you say, people already
exchange 16-digit numbers, although that's more addressing than identity
certification. Using QR codes is a good idea. A more simple solution would be
just to stick the whole public key data and certificate on a USB stick then be
able to plug that into the freedom box and say "this is one of my friends,
please talk to them", which would in the process certify that certificate.

What I'd like to see is when you search for friends it says "Via this chain of
friends I know that this is really the right person, is that OK?" or if not say
"I can't verify your friend, you need to do X, Y or Z to confirm it's them" and
tie this all in with the web of trust. The FB-managed email could then manage
signing and encryption for you and also communicating with the other boxes
using monkeysphere to authenticate everything.

Matt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20100905/a8306632/attachment.pgp>