[Freedombox-discuss] Distributed Naming BOF Questions
Isaac Wilder
isaac at freenetworkmovement.org
Fri Aug 5 17:54:56 UTC 2011
I have been following the conversation on distributed naming for some
time, and it still seems to me that we could drastically simplify the
problem, for ourselves and for all users of the box. Details follow.
On 08/05/2011 01:07 PM, Daniel Kahn Gillmor wrote:
> On 08/04/2011 11:24 PM, John Walsh wrote:
>
>> If, the FBX does issue domain names it could reduce the attack
>> surface by picking a single TLD
>
> hm. this would be either "reducing the attack surface" or
> "maximizing the value of the target".
>
> That is, if all freedomboxes used DNS names hosted in some subzone
> of example.org, then a malicious adversary would need to lean on
> either:
>
> * the root zone operator
> * the .org zone operator, or
> * the .example.org zone operator
>
> once they did this, they could control *every* freedombox. I'm
> not convinced this is a win. :(
This seems like a non-starter to me.
>
>> Again if the FBX does issue domain names can't the foundation
>> pick a host that uses DNSSEC effectively, or does every host have
>> to use DNSSEC for it to be effective?
>
> For DNSSEC to be cryptographically effective,
>
> 0) every zone used needs to be signed properly, and publish signing
>    keys for its subzones
> 1) every named host needs to have key material published for that
>    host (via e.g. DANE or sshfp records) in DNS
> 2) every *client* needs to actually check every DNSSEC signature and
>    verify it properly (this means recursive verification back to
>    widely-published, pre-seeded root zone signing keys)
>
> IMHO, part (2) is the hard part. it's certainly the part that is
> farthest from completion today.
>
> Note that even if this is all done, DNS is still vulnerable to the
> points of centralized control i described above.
>
Why don't we simply obtain a block of v6 space, such that every box
could have its own, static IP address. Using ManusVexo, or other
discovery processes, we could slowly build up a *local* hosts file, on
every box.
I admit that there needs to be some mechanism for lookup, but it seems
to me that it should be completely separate from existing global DNS
hierarchy.
If we adopted a static-addressing scheme, it would leave a couple of
big lookup questions:
First, given somebody's name how do you obtain their address? (Think
of this as the 'friend request'. A one-time process to add someone to
your address book). In the case of key exchange, this is easy, because
you can just exchange your addresses as well, but what about when
you're trying to find somebody that you knew long ago? This might be
as simple as a distributed, open lookup table (with voluntary inclusion).
Second, if boxes are going to be used *en mesh*, they are going to
have to announce their availability at the address of the mesh
gateway. This seems more complicated to me. Having announcements
propagate as quickly as possible seems core. Anybody have ideas in
this regard? I could see co-opting DNS technology for our own
application, but we would need our own infrastructure.
Seems like a perfect application for a DHT-based system.
Does anybody know what I2P does for name resolution?
>> IMHO, I don't think we can stop feeding our personal data and
>> relationship information back into the existing system, because
>> unfortunately, we will not be able to get *all* our family and
>> friends on an FBX.
Never say never. There is a lot at stake here, and though the scope of
the vision is large, there is no reason why sovereign computing
shouldn't become the norm. The advantages are many. Push and pull
factors abound. If the UX is compelling and intuitive, there's no
reason that we couldn't get everyone on the box.
>
> there are network effects at work here (if all *their* family and
> friends are using this alternate infrastructure, they'll have
> incentive to switch themselves), and this doesn't need to be an
> all-or-nothing thing.
Agreed that it doesn't need to be all or nothing. The web is going to
be with us a long time, but the internet longer.
>
> But we do need to find ways we can help people cut down on the
> amount of information they feed to the surveillance regime, or else
> the project will end up being just pretty window-dressing, and
> might actually increase surveillance and repression. That would be
> a sad outcome.
What I am working towards is the emergence of many autonomous systems
(composed of mesh-networked FreedomBoxes) that are owned and operated
cooperatively. We could start off with packet tunnels and dark leases,
and move towards routes that we (humanity) own.
>
> Regards,
>
> --dkg
>
carefully, as always,
imw
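
Added example, not part of the original message and not FreedomBox code: a sketch of the per-box *local* hosts table proposed above, filled in as peers exchange addresses alongside keys and never consulting global DNS. The class and method names, the key-fingerprint field and the use of the IPv6 documentation prefix 2001:db8::/32 as the project's address block are all assumptions made for illustration.

```python
import ipaddress

# Assumption: 2001:db8::/32 (the IPv6 documentation prefix) stands in for
# the block of v6 space the project would obtain.
BOX_PREFIX = ipaddress.ip_network("2001:db8::/32")


class LocalHosts:
    """Per-box name table built up from peer exchanges; no DNS lookups."""

    def __init__(self):
        self._entries = {}  # name -> (IPv6Address, key fingerprint)

    def learn(self, name, address, fingerprint):
        """Record a peer; returns 'added', 'known', 'conflict' or 'rejected'."""
        try:
            addr = ipaddress.IPv6Address(address)
        except ValueError:
            return "rejected"      # not a valid IPv6 address
        if addr not in BOX_PREFIX:
            return "rejected"      # outside the project's static block
        name = name.strip().lower()
        known = self._entries.get(name)
        if known is None:
            self._entries[name] = (addr, fingerprint)
            return "added"
        if known == (addr, fingerprint):
            return "known"
        # Addresses are static, so a different address or key for a name we
        # already hold is never applied silently: the first binding stays.
        return "conflict"

    def resolve(self, name):
        """Return the pinned address for a name, or None if never learned."""
        entry = self._entries.get(name.strip().lower())
        return str(entry[0]) if entry else None

    def render(self):
        """Emit the table in hosts-file layout: address, then name."""
        return "\n".join(f"{a} {n}" for n, (a, _) in sorted(self._entries.items()))


def demo():
    """Run constructed sample announcements through one box's table."""
    book = LocalHosts()
    results = [
        book.learn("alice", "2001:db8::a11c", "FP-ALICE"),       # first contact
        book.learn("Alice", "2001:db8::a11c", "FP-ALICE"),       # repeat
        book.learn("alice", "2001:db8::bad", "FP-OTHER"),        # rebind attempt
        book.learn("bob", "2001:db8:0:0::b0b", "FP-BOB"),        # second peer
        book.learn("carol", "2a00::1", "FP-CAROL"),              # wrong block
        book.learn("dave", "192.0.2.7", "FP-DAVE"),              # not IPv6
    ]
    return results, book
```

A "conflict" result is the point at which a human decision (or a fresh key exchange) is needed, since nothing outside the box vouches for the new binding.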