Re: [Tristero-devl] newbie question: unique peer ID
Status: Pre-Alpha
Brought to you by:
blanu
Menu
▾
▴
Re: [Tristero-devl] newbie question: unique peer ID
|
From: phauly1 <ph...@ho...> - 2002-10-02 15:56:54
|
----- Original Message ----- From: "Sam Joseph" <ga...@yh...> To: "phauly1" <ph...@ho...> Cc: <tri...@li...> Sent: Wednesday, October 02, 2002 5:52 PM Subject: Re: [Tristero-devl] newbie question: unique peer ID > phauly1 wrote: > > >in order to keep reputation on other peers, > >it is fundamental that every peer keeps the same peer ID over time. > > > Well reputation is only useful as long as it is associated with a > particular thing. If you associated reputation with a node's ip > address, and that ip address changed, and some other node used the same > ip address, then your learnt reputation might well lead you astray. > > >how do you assign a (unique) peerID to a peer? > > > By generating some large random number. A private-public key pair is > often useful. so the question is: what does prevent some malicious user from using the peerID of a well reputed peer? I can design my peer's code as i want so i will put the possibility of looking for peerIDs, discovering the best one, and setting it in my peer. how it is possible to prevent it? if you just use public key it is fine, BUT ... what if you want to change your public key (for example because it became compromised)? > > >is this a problem in coping with other networks (such as Neurogrid, Mnet, > >...) > > > > > In NeuroGrid I'm trying to set it up so that all nodes can be identified > in terms of their public key. If a node is able to sign something for > you that you can decrypt with the public key, then you know that node > must possess the private key, and thus you have established their > identity and thus bring learnt reputation to bear when you interact with > them. I think Mnet is doing something similar, but don't quote me on that. just another question came at my mind: how do you plan to securely exchange public keys? are you planning to use some PKI (public key infrastructure)? openPGP? SDSI/SPKI? I have just finished reading chapter 16 (accountability) of " Peer-To-Peer: Harnessing the Power of Disruptive Technologies" http://www.ovmj.org/GNUnet/papers/accountability-ch16.html and it speaks about these topics P. |