Re: [GNUnet-developers] Propose new feature - Search Indexer WebService for GNUnet

[LRN]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08.11.2012 0:48, SMoratinos wrote:


> Do you find this interesting? Are you to promote this type of
> service or are you against it?
Integration and web UIs are good, centralization is bad (eliminates
censorship resistance), connections over web (i.e. in your
publish-directly-to-webserver-that-is-not-connected-to-GNUnet example)
are bad (completely eliminates anonymity).

> It feasibility in your opinion? What problems will I encounter?
Main problem will be the lack of cooperation from the developers,
because things you propose go against basic premises of GNUnet
(censorship resistance, anonymity, distributed service).

> Do you have any suggestions, ideas, advice?
I'd suggest you to take a closer look at namespaces.

Basically, namespace owner (a person or a group of persons sharing the
secret key among themselves) can publish something in his namespace
(cryptographically signed), and users who know that namespace's public
key (which can be discovered by non-GNUnet means, or be found in
GNUnet via normal file-sharing search) will be able to search for
files published in that namespace.

Namespace spec also defines a root id; if you search for it, you are
supposed to find namespace root item. Specs are very sketchy on what
exactly that root item is, for now AFAIU it's assumed to be a GNUnet
directory.

Things published in a namespace can also be updated by namespace owner
in a way that allows users searching for namespace root find its
latest version.

This is what we have so far, and what is documented to some extent.

Now, you could go further and come up with some kind of convention for
publishing GNUnet Link Index (a database of some sort; it's supposed
to have more complex structure than just a GNUnet directory) via
namespace. Index itself is not large (the whole thepiratebay detabase
is 1.15 gigabytes, you can publish files this big without much
problems these days). Namespace updates will take care of keeping it
up to date.
All you need to do is for users to have an extension that will check
the namespace for updates, download updated database, and then allow
the user to browse it locally.
It might also have web UI that is accessible remotely
(password-protected, obviously), so you'd be able to browse that
database from anywhere.
This will maintain censorship resistance and anonymity for both
namespace owner and people downloading the database.

Now, putting things into that database is more difficult. You can't go
somewhere directly and submit links/info, since namespace owner is
anonymous. I think it should be possible to publish things encrypted
by namespace public key, publish them normally on your own node, so
that only namespace owner (who will continuously search for these
publications) will be able to find these publications (but then it
might also be possible to censor namespace owner's attempts to search
for these publications, as public key of that namespace will be
well-known to malicious nodes, and changing it often will not help
much and will be inconvenient).
You could set up your own namespace, and feed updates to the database
via it (equivalent of registering an account and becoming an
uploader). However it's not clear how database maintainer/namespace
owner will get to know about that namespace of yours.

You'll have to wait until Grothoff can clarify how
censorship-resistant namespaces are.

And the software that will be used on both sides must be easy to use
and freely available, to allow anyone to host his own authoritative
database of that kind (otherwise you'll end up with one big database
keeper, who can (eventually) be compromised, and then people just
won't have anywhere to go; although even in that case their anonymity
will not suffer).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQEcBAEBAgAGBQJQmtw4AAoJEOs4Jb6SI2CweyQH/jI1AX2W01pFGKagtS4SqTda
ZsiEHJphea95VWiLf9KQBW7eOzJyiDtIKbXRBSvBGl/I+yYAs4AOy6EqvJOHIypY
YEOagbQWeYp+0u5qvhty0bUE81XuwTtc4R9HxgxgPmOD2vSbfYPjxHGQGKS7//la
jpcYUfYMSpmwsqt29svV+elc5xrw9EXQQKIw5UksndIm/A/dduthFIrJAOvKzhL0
y8seD/ND6/60ZEiSTPjv5dcxjKxEMkdNvWZeW2exm36+Ho757DTn+l4mfCSaIZyE
PcOSarMt0WmFiOBCjMEqJLJS7Qi59bKf2ZhobsxvRV+94g8FyaCbRHgQbuhEe34=
=uNp/
-----END PGP SIGNATURE-----