P2P-Zone - View Single Post - How would you manage identities in decentralized p2p?

SA_Dave · 06-09-02, 08:04 PM

alphabeater brought up an interesting point. I envision that a modified version of this dynamic "DNS" system is possible in a decentralised p2p network, although only in future when the Internet Version 3 reaches mass availability worldwide, which will allow you to download a movie in 45 seconds. Of course, the current dynamic DNS services are exactly that ie. you're dependant on a company with centralised servers & limited resources. It would be extremely impractical & costly to register domain names, make DNS lookups & accomodate dynamic ip-table updating all on one or a few limited servers with limited resources, especially for p2p purposes. Imagine if even 5% of p2p users were constantly or even sporadically connected to & making use of these services!! It would be chaotic, unreliable & potentially akin to a DDoS attack in the eyes of the law. Remember that these services are designed for specific, relatively niche purposes; even in the U.S. where broadband connections are common.

The cryptographic keys proposed by TankGirl could go a long way in solving these problems. If the supernodes could maintain dynamic ip-tables which correlate to specific keys (and thus specific users with specific content) and they cross-referenced each other sporadically, then the problems with fragmentation could be a thing of the past. The supernodes should bear the brunt of this as they are the most capable in terms of hdd space, bandwidth, cpu power etc. The only problem is that Supernodes, like regular nodes, are often unpredictable, temporary or unreliable. How do you maintain the reliability, accuracy & performance you need for this system to work? A master-mega-ultra-maxi-supernode-database-server or farm thereof would be possible, but far too centralised for certain purposes! The relevant database would need to be distributed in a RAID structure, ie. in order to allow for the temporary or fleeting connection statuses of all nodes & supernodes, to as many nodes as is possible in the most stable way possible, in a similar fashion to FreeNet's content-distribution system. This presents a lot of challenges, whch is why I agree with pod on this & that's why I believe it'll happen in this manner in the near-future. The benefits are good, but at the moment too difficult to warrant.

I do understand both TankGirl's and jaan's view on needing permanent verification for a select few peers. Personally, I believe that this has too many flaws. Firstly, companies like Overpeer, RangerInc, RIAA, MPAA, CyberVeillance and all those other spoofers, child pornographers, advertisers, spammers, virus cultivators etc. would continue to thrive and frustrate ordinary users. They are hiding behind the mask of anonymity that the current networks cultivate and this proposal would do nothing ,or at the most very little, to thwart them! Secondly, what about all the situations where people wouldn't want to use this feature? Reasons for this are that you want to share different collections under different logins, you share a computer with other family members whom you do not want to inconvenience by binding their identitiy to that of the machine or simply that you are antisocial & do not want to participate (in this case it could be to the benefit of the community if you share virii & fakes or not if you are just a "fly on the wall".) I'm sure that many users fall into this "stealth" category, and they like it that way. Third, you are assuming that the user is very savvy. Would they really backup all their keys to a floppy, as tg suggested in another thread? Formats seem to be an almost communal experience nowadays. What's to prevent malicious users from remotely deleting keys or formatting drives, installing trojans, backdoors and the like or even using a compromised "trusted" system to cause major damage to communities, friendships, trusted states and even data?

The distributed database sytem, as suggested by pod, although not without its problems, seems much more ideal considering the above scenarios. In this way, there could be a degree of data integrity & security, even if a user has to perform a format! This is why I believe it'll only be possible in the future.

As for the here and now, there are other more reliable channels for distribution. I personally believe that content-centered community tools, such as quicklinks, forums, centralised chat, bitzi or similar services which are integrated into p2p-clients is the best way to go. P2P clients which are based on communities & relevant content collections eg. eDonkey, DirectConnect are generally more effective as content-distribution channels than popular "content is King" networks eg. FT & Gnutella. All of these networks are relatively fragmented (with the exception of DC), yet eDonkey is better than Kazaa because of the way it intelligently groups likewise-minded peers.

Furthurmore, the RIAA cannot shut down IRC, which is essentially centralised, especially if it's used only for chatting purposes. IRC , or a similar centralised chat network, could be a good place to test out the content-distribution methods envisioned by tg. Force all clients to use Nickserv or a similar service for verification. Then allow specialised bots to send & receive the encrypted keys. They could also allow for real-time ip & port information of a trusted contact to be distibuted between "trustees" in secured channels. The p2p-client could then use this data in a meaningful way, ie. maintain real-time connections which prevent the available content from fragmenting due to 'netsplits', to aide in relative content allocation. This is a forseeable method right now, even though it isn't strictly the long-term, decentralised system that is the ideal!

Sorry for causing eye-strain!

06-09-02, 08:04 PM	#23
SA_Dave Guardian of the Maturation Chamber Join Date: May 2002 Location: Unimatrix Zero, Area 25 Posts: 462	alphabeater brought up an interesting point. I envision that a modified version of this dynamic "DNS" system is possible in a decentralised p2p network, although only in future when the Internet Version 3 reaches mass availability worldwide, which will allow you to download a movie in 45 seconds. Of course, the current dynamic DNS services are exactly that ie. you're dependant on a company with centralised servers & limited resources. It would be extremely impractical & costly to register domain names, make DNS lookups & accomodate dynamic ip-table updating all on one or a few limited servers with limited resources, especially for p2p purposes. Imagine if even 5% of p2p users were constantly or even sporadically connected to & making use of these services!! It would be chaotic, unreliable & potentially akin to a DDoS attack in the eyes of the law. Remember that these services are designed for specific, relatively niche purposes; even in the U.S. where broadband connections are common. The cryptographic keys proposed by TankGirl could go a long way in solving these problems. If the supernodes could maintain dynamic ip-tables which correlate to specific keys (and thus specific users with specific content) and they cross-referenced each other sporadically, then the problems with fragmentation could be a thing of the past. The supernodes should bear the brunt of this as they are the most capable in terms of hdd space, bandwidth, cpu power etc. The only problem is that Supernodes, like regular nodes, are often unpredictable, temporary or unreliable. How do you maintain the reliability, accuracy & performance you need for this system to work? A master-mega-ultra-maxi-supernode-database-server or farm thereof would be possible, but far too centralised for certain purposes! The relevant database would need to be distributed in a RAID structure, ie. in order to allow for the temporary or fleeting connection statuses of all nodes & supernodes, to as many nodes as is possible in the most stable way possible, in a similar fashion to FreeNet's content-distribution system. This presents a lot of challenges, whch is why I agree with pod on this & that's why I believe it'll happen in this manner in the near-future. The benefits are good, but at the moment too difficult to warrant. I do understand both TankGirl's and jaan's view on needing permanent verification for a select few peers. Personally, I believe that this has too many flaws. Firstly, companies like Overpeer, RangerInc, RIAA, MPAA, CyberVeillance and all those other spoofers, child pornographers, advertisers, spammers, virus cultivators etc. would continue to thrive and frustrate ordinary users. They are hiding behind the mask of anonymity that the current networks cultivate and this proposal would do nothing ,or at the most very little, to thwart them! Secondly, what about all the situations where people wouldn't want to use this feature? Reasons for this are that you want to share different collections under different logins, you share a computer with other family members whom you do not want to inconvenience by binding their identitiy to that of the machine or simply that you are antisocial & do not want to participate (in this case it could be to the benefit of the community if you share virii & fakes or not if you are just a "fly on the wall".) I'm sure that many users fall into this "stealth" category, and they like it that way. Third, you are assuming that the user is very savvy. Would they really backup all their keys to a floppy, as tg suggested in another thread? Formats seem to be an almost communal experience nowadays. What's to prevent malicious users from remotely deleting keys or formatting drives, installing trojans, backdoors and the like or even using a compromised "trusted" system to cause major damage to communities, friendships, trusted states and even data? The distributed database sytem, as suggested by pod, although not without its problems, seems much more ideal considering the above scenarios. In this way, there could be a degree of data integrity & security, even if a user has to perform a format! This is why I believe it'll only be possible in the future. As for the here and now, there are other more reliable channels for distribution. I personally believe that content-centered community tools, such as quicklinks, forums, centralised chat, bitzi or similar services which are integrated into p2p-clients is the best way to go. P2P clients which are based on communities & relevant content collections eg. eDonkey, DirectConnect are generally more effective as content-distribution channels than popular "content is King" networks eg. FT & Gnutella. All of these networks are relatively fragmented (with the exception of DC), yet eDonkey is better than Kazaa because of the way it intelligently groups likewise-minded peers. Furthurmore, the RIAA cannot shut down IRC, which is essentially centralised, especially if it's used only for chatting purposes. IRC , or a similar centralised chat network, could be a good place to test out the content-distribution methods envisioned by tg. Force all clients to use Nickserv or a similar service for verification. Then allow specialised bots to send & receive the encrypted keys. They could also allow for real-time ip & port information of a trusted contact to be distibuted between "trustees" in secured channels. The p2p-client could then use this data in a meaningful way, ie. maintain real-time connections which prevent the available content from fragmenting due to 'netsplits', to aide in relative content allocation. This is a forseeable method right now, even though it isn't strictly the long-term, decentralised system that is the ideal! Sorry for causing eye-strain!