[Freedombox-discuss] Independent email services

Sun Feb 27 12:42:56 UTC 2011

Hello,

On Sun, Feb 27, 2011 at 9:52 AM, Matthias-Christian Ott <ott at mirix.org> wrote:
> On Sun, Feb 27, 2011 at 09:39:34AM +1030, Paul Gardner-Stephen wrote:
>> > Another solution would be to create an overlay network and address
>> > hosts by their public key fingerprint which I doubt will be easier for
>> > the user.
>>
>> This is part of what we are doing over at servalproject.org, where the
>> primary goal is telephony over wireless mesh.
>> I'm still writing up the detailed description of our overlay system,
>> and will happily share it here when done.
>>
>> > Addressing seems to be an unsolved problem for average people anyhow.
>> > Not everyone will have their own domain or subdomain. And even if they
>> > do, it requires manual configuration regardless how good the user
>> > interface is.
>>
>> Yes, it is a big problem.
>> This is why serval has gone for ECC160 public keys as user identifiers.
>> This avoids IP address collision, and yet allows us to stay IPv4 compatible.
>> Also, the overlay doesn't prevent the use of clever IP addressing, it
>> just provides a fall-back for when that isn't doable.
>
> I suppose such an overlay network would work and wouldn't have problems
> such as conflicts about names or spoofing. However, this would require
> users to exchange 160 bits (in whatever encoding) to contact each other.
> I doubt that people will like this. An identifier such as ott at mirix.org
> is much easier to remember. But once you exchanged it, you can add it
> to an addreess book and it's a problem anymore.
>
> You probably have already thought about this. What is your approach
> for the initial identifier exchange, especially when you can't copy
> and paste it?

We use telephone numbers :)
This is because our primary goal is maintaining telecommunications
during disaster.
So you claim your existing telephone number (or self-allocate), and
roll a random ECC160 key as your unique identifier.
In the worst case scenario, there is no web of trust to validate, but
this is acceptable in the first hours of a disaster.
However, our protocol is designed to allow the ECC public keys to be
signed, maybe by established authorities, but in reality by anyone,
including adhoc authorities and other communities.

This could easily be extended to allow mapping to email addresses, and
using our same routing and resolution scheme to allow email delivery
apart from the centralised internet infrastructure the same way that
we do telephone call routing.

That is, instead of trying to get an authoritive DNS which is
resilient to authoritarian attack, you have a 2nd method of resolution
that works even if the domain name gets pulled off the air.

I think this is a very interesting prospect for freedombox to explore.

Paul.

> Regards,
> Matthias-Christian
>