Re: [Leaf-devel] Greetings from the wonderful world of NoCat...

[Schuyler E. <sch...@or...>]

Matt Schalit wrote:
> 
> On the Wireless Gateways, what are the network peripherals
> on an average system?  You need a wireless transmitter don't
> you?  You also need a link to the ISP, right?  What's the
> hardware setup of those parts?

Yes, yes, and what do you mean by "what's the hardware setup?"

> I like the classes of user.  Have you looked into QoS?

No. Interesting question, though. Patches welcome. :-)

> Do you plan to use a Sun server and an NIS database for the
> user/password handling?

Ugh, no, why? NoCat supports pluggable backends. Right, now custom MySQL
and file-based passwd-like backends are supported.

> I don't understand this paragraph from the "web of trust" section:
> 
> >   * Clients do, however, need to trust the Gateway's notion of DNS and
> >     routing...  Although this is not an issue for Co-op authentication, as
> >     the Service will use registered SSL certs, the gateways *could* spoof
> >     unencrypted traffic.  Clients are therefore encouraged to use secure
> >     application layer encryption, such as SSH or VPN, to maintain data
> >     privacy.
> 
> I don't understand the "gateways *could* spoof unencrypted traffic."

Perform man-in-the-middle attacks, etc.? I didn't write this section, so
I'm not really sure what the issues are. Comments welcome.

> As far as the "roaming ip problem", can't several people's last 24
> bits of their MAC address be identical?

Sure, but the odds are 1 / 2**24 = ~16.7M per node at any given moment.
Hashing with collision recovery was our proposed solution. Anyway, the
"roaming IP" problem has since been deemed beyond the scope of the
project for the time being.

SDE