[Artifexd] A better ircd [RFC]
This is a RFC stage spec. It means it is not yet mature, and you are more than welcome to help refining it. The preferred avenue is through making comments below.
1. At startup, programi reads from local configuration filesii :
- A public/private keypairiii ; a "for" key fingerprintiv ; a local salt.
- A list of IPs, each with an associated public key, a "for" field containing a key fingerprint, a pgp-signed document by the for key certifying the validity of the IPs public key with an expiration unixtimev in case the for field differs and a nickname.
- A list of key fingerprints, with associated trust ratings as signed integer and a comment, signed by the "for" key.
2. Program connects to each of the IPs listed on port 1337, sends a Hello packet encrypted to that IPs public key containing its public key, its "for" fingerprint, a signed certificate for the IP fingerprint if necessary, a session salt derived from hashingvi some source of entropyvii with its local salt and a nonce. Each subsequent packet will increment that nonce by 1.
3. While functioning, program will accept connections on 1337 by listed IPs only.
4. While functioning, program will maintain a bundle of current public messages, composed of the "for" key fingerprint, a timestamp, a text field. Every second, for each IP in its list, program will add a a hash of the timestamp with the proper session salt for each session, encrypt the bundle to that session's destination IP and send it over.
5. While functioning, program will process bundles sent by open sessions, decrypting the sent bundle, verifying timestamp hash matches timestamp, and updating its own bundle to insert any missing messages. Any errors or unexpected conditions dropped to log.
6. While functioning, program will display current bundle of messages to user, something like :
FB0A C0EB 867C 3172 ADCF 5DD1 46FD 816F 1020 ED78 for 6160 E1CA C8A3 C529 66FD 7699 8A73 6F0E 2FB7 B452 1420477939 Hi there
The "fingerprint for fingerprint" part should be maskable by the user, through allocating any arbitrary nickname he wishes to any fingerprint or combination thereof.
7. While functioning, program will accept messages from the user, format them accordingly and insert them in its current bundle.
8. Private message functionality should be implemented as direct-link exceptions : messages received from an IP and originating from that same IP are to be treated as private messages to the user, not included in the public bundle and reported separately.
9. Program will not communicate the IPs of any of its correspondents to any of its correspondents. Program will not respond to any requests coming on port 1337 from IPs not in its list.
10. Program will compile the Web of Trust based on the signed lists received from its correspondents and display it to the user.
UPDATE, Jan 6th : As per discussion on b-a, Artifexd will be in charge of this project.
———- You can write it in whatever you please as long as it compiles on linux. [↩]
- These must be text files. [↩]
- Steal gpg code - any version prior to the Snowden defection. [↩]
- Full fingerprints are always used, everywhere, throughout. [↩]
- There should be a special, fixed format for these. [↩]
- All references to hashing require sha-512, no exception. [↩]
- Such as urandom. [↩]
Tuesday, 6 January 2015
This is almost exactly it. Except for the dependence on IP - that one is catastrophic. You want a connection-less protocol, for two reasons:
a) The enemy can diddle IP any way he likes, and send packets apparently originating at an arbitrary source, without breaking a sweat. Existing routing fabric is actually set up to enable this. (Ask them why, not me. But no prizes for guessing.)
b) A connection-less protocol readily sets you up for transition to comm channel media where the concept of 'originating address' does not apply - shortwave radio, pigeons, messages in bottles, wherever.
Ultimately the only interesting attribute of an incoming packet is whether it is 1) new 2) signed by a blessed pubkey. The former is readily established by keeping 'hellos' short and embedding epoch time in the signed block. The latter is likewise trivial to verify.
IP filtering is a tremendously poor anti-DOS mechanism, on account of (a).
Ultimately the answer is to use UDP packet of bare-minimal length that holds 'hello' (key, nonce, signature). These can be accepted from whatever source (e.g. radio and pigeon) and verified rapidly, at line-speed (eventually - in custom logic?)
The only concepts of 'source' and 'destination' that really make sense for this application are the public/private keypairs.
Also there's this. I can't help but wonder who else will confess to having worked on more or less precisely this kind of apparatus.
Tuesday, 6 January 2015
I wouldn't be against an UDP implementation provided someone's capable to do it right.
Tuesday, 6 January 2015
The enemy can't diddle IP anyway he likes on TCP connection. For a connection to make it past the SYN stage, the attacker would have to have traffic for the "fake" IP address to actually make it back to him. While this could happen in via some sort of BGP compromise, it is far from trivial.
Contrast that to changing the source IP address on a UDP packet. That is trivial.
I am not arguing that TCP is superior to UDP for this particular application, but only that the IP diddle-ability of TCP is not a valid argument.
Tuesday, 6 January 2015
I imagine what he had in mind was the first upstream router being adversary.
Tuesday, 6 January 2015
artifexd:
1) IP spoofing - works. For several effective values of 'works.' If you wish to argue otherwise, argue to someone who isn't under regular NTP reflection attack.
2) Changing source address on UDP packet won't matter, because a correct implementation of the scheme disregards alleged addresses as identification entirely, relying solely on public key cryptosignatures.
Tuesday, 6 January 2015
But 1 doesn't work for a full connection, merely for syn flooding n'est pas ?
Tuesday, 6 January 2015
The NTP reflection attack only works because it is a NTP runs over connectionless UDP. Thus I can send an NTP server a UDP packet with your IP address as the source and the NTP server will send its response to you.
Tuesday, 6 January 2015
artifexd: for further discussion of the hypothetical, please assume a maximally compromised box immediately upstream of your system. That means arbitrarily-diddled IP header contents.
The notion of permanently marrying the thing to IP per se (with the attendant notions of source/destination geography) is disastrously wrongheaded.
Tuesday, 6 January 2015
Assuming a maximally compromised box between me and the rest of the universe means that nothing can be trusted. At all.
I couldn't even pull your public key from the mit keyserver because it could be swapped out in route.
Assuming a maximally compromised box between me and the rest of the universe means that all is lost. Period. Full stop.
Tuesday, 6 January 2015
artifexd:
> I couldn't even pull your public key from the mit keyserver because it could be swapped out in route... Assuming a maximally compromised box between me and the rest of the universe means that all is lost. Period. Full stop.
This is disastrously mistaken, because out-of-band key exchange exists (sneaker-net.)
Tuesday, 6 January 2015
But you just violated your own maximally compromised assumption.
Tuesday, 6 January 2015
Mircea Popescu:
Violated how? Assumed a compromised upstream machine (ISP), not a compromised universe with my brain captive in an enemy's jar.
Wednesday, 7 January 2015
At the risk of repeating myself, I would like to make the case for public keys as the only identifying marks in the proposed scheme (vs. any reliance on IP addresses, which really presumes an Internet circa 1989, which has unfortunately been replaced with a somewhat different, fouler-smelling kind of Internet.)
Apparatus should work in the same way as, e.g., MPEx - should not matter how a message packet makes its way to the destination, so long as it carries a WoT-passing signature from the standpoint of the recipient.
In the same vein, Mr. X should be able to hold an encrypted (signature on the outside) message meant for Mr. Y, for a spell. The day will come, I believe, when some people worth talking to will have very intermittent connectivity (perhaps once in a year!) See below.
Whitelist pubkeys, not IPs. This will enable transition to a communication mechanism other than the traditional Net, whose peaceful days, I believe, are numbered.
Wednesday, 7 January 2015
All of the talk of how IP addresses in packets can be compromised aside, I do agree that limiting who can connect to who via IP addresses in a static text file is less than ideal. My reasons are different though.
1) IP addresses change, even for a static geographic location. Even more so if it is a mobile device.
2) How would brand new servers connect if existing servers only accept connection from IPs that I already know about.
Instead...
Uh, yeah. What Stanislav Datskovskiy wrote about public keys.
Wednesday, 7 January 2015
I'll also add that any reliance, or even encouragement of, the use of static IPs, will - in practice - lead to folks running 'bouncers' (the way customary among irc users) with predictable consequences (moderately valuable targets for compromise. especially given the penchant various folks have for skimping on hosting cost and running inside virtual machines of various descriptions.)
Wednesday, 7 January 2015
Another observation: a 'for' key that signs 'for' itself is a violation of airgap principle. Aka a walking corpse.
Wednesday, 7 January 2015
1) Create master identity key pair (this is you. don't lose. evah.)
2) Create slave identity key pair(s)
3) Sign slaves with master
4) Publish master public key as identity
5) ircd uses slave identities while communicating. The master private never ever gets loaded into memory. Hell, it doesn't even have to be on a connected machine. Ever.
6) Have some method for revoking compromised slave keys.
So, in the end, ircd would accept keys signed with the master as proxies for the master.
Wednesday, 7 January 2015
The original reason the MPEx model was replaced with an IP bastard version was my attempt to be less MP-ish and cater to the needs of the world. I guess it wasn't the smartest move. Gotta learn one of these days that trying to be "reasonable" never pays, and stick to being reasonable instead.
As to @artifexd's point that
This is fundamental. If you used a key based system you STILL would only talk to users you know about. This is part and parcel of the b-a voice model, and it's how things work. Unless someone goes out of his way to credit noobs, noobs sit and twiddle thumbs. The assumption that "new" can automatically join the fray is unwarranted.
Wednesday, 7 January 2015
Mircea Popescu:
The way to deal with n00bs, if so inclined, is designated 'zoo' gateways having own keys, under which the n00bs collectively (!) speak, and are listened to (or not) on a particular day/hour depending on the 'radiation level outside the bunker.'
Wednesday, 7 January 2015
Even in #b-a, noobs can sit quietly, listen, and hopefully learn. This would prevent them from even joining the network at all.
Wednesday, 7 January 2015
artifexd:
> 1) - 4) 5) ircd uses slave identities while communicating. The master private never ever gets loaded into memory. Hell, it doesn't even have to be on a connected machine. Ever.
Glad to see that you arrived at the one and only correct answer.
6) Ephemeral keys (see my discussion on #b-a should expire as a matter of course when a replacement one is proclaimed by a user - who signs it on his airgapped machine and loads in the result.)
Wednesday, 7 January 2015
artifexd:
> This would prevent them from even joining the network at all.
They can listen in specially-designated 'www-gatewayed' read-only zoos, reminiscent of www Freenode interfaces, kept by any fully-fledged participant who wishes to suffer the cost.
Wednesday, 7 January 2015
Kinda the companion for this project would be a webserver gateway, open to the Internet. But that shouldn't be too hard to do.
Wednesday, 7 January 2015
A destination field (fingerprint or #channel string) would be nice to have in messages. The client should probably encrypt private messages to destination fingerprint's pubkey.
Wednesday, 7 January 2015
Not that the thing wouldn't be readily extended to supply it, but does the "channel" abstraction even make any sort of sense ? What exactly would it be ?
In the old days of centralised servers it served as a way to trick the naive youth into thinking they are in control. With an open model the concept doesn't seem to translate.
Wednesday, 7 January 2015
The "bundles of messages" that one server sends another should be a consistent size. Too little data? Pad it with noise. Too much data? Messages have to wait.
The size doesn't need to be the same from one server to another, but it should be static for a given server.
It will increase bandwidth usage and, possibly, delay message transmission, but it will prevent an outsider from tracking who is talking to who.
Wednesday, 7 January 2015
As you well observe, this thing is in fact Bitcoin without the shared public ledger (kept instead as a virtual private ledger by each node).
Wednesday, 7 January 2015
artifexd:
> ...should be a consistent size. Too little data? Pad it with noise. Too much data? Messages have to wait.
See recent thread on #b-a regarding 'erasure coding.' Rather elegant way to eliminate dependence on TCP (you get ordering and correction of omitted frags for free when you use something like 'raptor code'), frustrate traffic analysis, and solve several related problems.
In my original experiment, two nodes in contact with one another settle on a bit-rate and transmit state (fountain-code fragments) continuously, 24/7.
Wednesday, 7 January 2015
In theory, one could send a message 'for' a fingerprint that does not correspond to an instance of ircd (gotta think of a better name). That message should get transmitted throughout the network, right?
Might then a fingerprint that does not correspond to a machine refer to what current irc calls a channel?
Wednesday, 7 January 2015
No, because anyone can join what's currently called a channel, whereas only the recepient should read what's a "for" message. Which is why the direct vs indirect route distinction in the spec.
Wednesday, 7 January 2015
FB0A C0EB 867C 3172 ADCF 5DD1 46FD 816F 1020 ED78 for 6160 E1CA C8A3 C529 66FD 7699 8A73 6F0E 2FB7 B452 1420477939 Hi there
That translates to: The entity that possesses the key which fingerprints to FB0A C0EB 867C 3172 ADCF 5DD1 46FD 816F 1020 ED78 wishes to say "Hi there" to the entity that possesses the key which fingerprints to 6160 E1CA C8A3 C529 66FD 7699 8A73 6F0E 2FB7 B452 1420477939. Right?
So how to I communicate a single message to multiple people? Multiple messages? Is the recipient an array? Is there a fingerprint that aliases to multiple fingerprints?
Wednesday, 7 January 2015
Wrong. The entity which posseses the key 6160 E1CA C8A3 C529 66FD 7699 8A73 6F0E 2FB7 B452 1420477939 sends the message Hi there, which is being relatyed by an entity which posseses key "FB0A C0EB 867C 3172 ADCF 5DD1 46FD 816F 1020 ED78". Whether this is good enough to relay the message or not is to be decided by recipient.
In retrospect the use of "for" is probably uninspired, and I was so warned. But it's a for like in "qui facit per alium facit per se", he who does for another does for himself. X [doing] for Y.
Wednesday, 7 January 2015
artifexd:
> So how to I communicate a single message to multiple people? Multiple messages? Is the recipient an array? Is there a fingerprint that aliases to multiple fingerprints?
Here is another way to think of it, which may help.
A keyholder may transmit two kinds of message:
a) A bitstring signed with an ephemeral key, presently valid (a signature with his permanent key was transmitted at one point, and has not been superseded since.) This string is meant to be retained 'in saecula saeculorum', showing that 'thus spoke Mr. PERMANENTKEYFP on the Unix epoch time T.' Whoever is able to read this, can store it, relay to others, to whoever he wants.
b) A bitstring signed (as above) consisting of an enciphered string, but likewise carrying along a destination (pubkey fingerprint) - the intended reader. As described in Mircea's article, this normally wants to travel directly from one operator to another. But, on account of proper crypto being in use, there is no reason why it cannot travel in some other, more painful way if it must.
A node operator, when he is not producing new strings of either type himself, is really carrying on with collecting (and displaying) newly-minted (A)s and (B)s - but only those emitted by folks in his WoT or within D degrees of it.
To collect, he may ask the other end of the wire to return bitstrings such as 'latest timestamp of Mr. X, who is in my WoT, having spoken' or 'global hash of what you know Mr. X to have uttered' (of the 'a' / saecula saeculorum packet type exclusively, naturally), and the like. Thus, two nodes in communication with one another are continuously reconciling their stores of (a), as well as exchanging any (b) which their operators may wish to send.
mircea_popescu: if any of the above conflicts with your mental image of the design, do tell.
Wednesday, 7 January 2015
Imagine server A (with fingerprint A) wants to send a message.
Imagine server A is connected to server B (with fingerprint B) and server C (with fingerprint... uh... C)
Server A transmits this to both B and C:
A for A 'message'
Server B transmits this to C:
B for A 'message'
And server C transmits this to B:
C for A 'message'
At which point the message has completely populated the network and is no longer transmitted.
Does all that look right?
Does 'A for A' look funny? It certainly makes for a simpler parser.
Wednesday, 7 January 2015
artifexd:
Considerably easier if done with some amount of 'pulling' rather than 'pushing.'
Consult literature re: 'gossip protocols' to learn more specifically how.
Wednesday, 7 January 2015
A for A is not intended to be used except if the user simply lets the server use his own key. Generally it would be A for X, which thenm moves to C for X and B for X. Other than that, yes, that's the intended functioning.
Wednesday, 7 January 2015
Assuming X is the user's fingerprint...
Wait, so a single "ircd" could be the entry point for several users?
I was imagining the server is the user is the pubkey identity.
This just got more complicated.
Wednesday, 7 January 2015
Each server is the "entry" point for whichever messages it chooses to relay. If A tells B about a message, who in turn tells about it to C, there's no reason to assume C has a direct connection to A to check. Therefore, messages written by both the single user of A and the single user of B appear to C as originating from B.
In other words, there's no assumption made about how many people use any one server, nor is such useful.
Wednesday, 7 January 2015
A.This is all very interesting
B.If C receives a message from "B for X", how does C know if in fact X authorized this? At most he could see that X authorizes A, but A is not B. For all you know, B is making up messages from X and delivering them to C.
Wednesday, 7 January 2015
Yes, this is exactly the point. C trusts B, hence B is in his list. If B violates that trust, C will remove him, and thus resolve the problem.
Meanwhile for Z, the operator of C, the situation presents itself as such : users whom he trusts, and thus are in his list, send messages which can be verified, as they're directly relayed. All other users, who connect to him through these, may only be verified and for that matter only interest to the degree one trusts the connection through which they arrive. Thus user K, of which Z has no idea, will be (correctly) represented as "someone whom Y knows and vouches enough for to forward his comments" if Y is the user of B and B is the apparent source of K's messages.
Maybe the name of this should be gossipd, because that's exactly what it does.
Thursday, 8 January 2015
An account of the relevant convo on #bitcoin-assets, snipped from the logs, cleaned of meta and off-topic:
January 5th, 2015
mircea_popescu: http://trilema.com/2015/open-a-better-ircd-rfc/ < < pls to rfc
ben_vulpes: mircea_popescu: "Helo" -> "Hello" ?
mircea_popescu: mebbe "heyo" ? make an argentine joke right in the spec!
ben_vulpes: hueo
mircea_popescu: in keeping with the naming conventions introduced, everyone can call the helo packet whatever they wish :D
davout: i want an OHAI packet
davout: opening a connection
mircea_popescu: you got it
davout: said connection being terminated by a KTHXBYE packet
mircea_popescu: no terminations rly.
ben_vulpes: ("BAI")
davout: LOLWUT packets to be used for the filling of sequence gaps
mircea_popescu: many moons ago some kids did write some thing that used the PIZDA/PULA convention.
mircea_popescu: ie, started with cunt, ended with cock.
mircea_popescu: was the best thing ever for a summer.
davout: what do you mean by "a signed certificate for the IP fingerprint if necessary" ?
mircea_popescu: well how do you know X is allowed to speak for me ?
mircea_popescu: unless the server is actually using my own keypair. which it conceivably could.
davout: GPG-signatures?
davout: ok
davout: server keypair
mircea_popescu: basically, program has one, you have one. you can if you wish use the same. don;'t have to.
davout: so if i understand correctly the daemon has its own keypair, the "for" keypair would be the user's
mircea_popescu: yep
davout: makes sense, the hash, salt and nonce fiddling is to prevent against replay right?
mircea_popescu: davout no, it's to make mitm and masquerading much harder.
davout: apart from replaying i can't think of an example where GPG isn't enough a protection already
davout: s/enough/enough of/
mircea_popescu: a replay "attack" coming from a trusted host carries a very large cost. they'll get banned.
mircea_popescu: tbh the l2 list etc has been a revelation in computer security for me.
mircea_popescu: it's been much better stated by smarter men, of course. http://www.ranum.com/security/computer_security/editorials/dumb/
davout: i was thinking rely on GPG and simply encode a nonce in the message
mircea_popescu: davout suppose i send spoofed ip messages.
mircea_popescu: i can encode to your public key.
mircea_popescu: what now ?
mircea_popescu: in the design as is, now you reject my junk because i don't know the salts.
davout: i discard your messages since it doesn't bear a valid GPG signature
mircea_popescu: messages don't need to be signed.
mircea_popescu: and this deliberately.
davout: if they were wouldn't that remove the salts requirements?
mircea_popescu: it would but it's moot, because i'm not about to require people to sign everything they say.
davout: because if you know the server's key, you're probably aware of the salts etc
davout: ic
mircea_popescu: how does that work ? you know my ip and his gpg pubkey.
mircea_popescu: how does this make it probable you have root on my box ?
davout: i meant if you raped the server for its key, you may as well have the salt and stuff
mircea_popescu: pubkey ?
davout: both
mircea_popescu: o you meant in your signed alt-spec. mkay.
davout: i didn't think of the requirement to sign as an issue actually
mircea_popescu: actually, it occurs to me this needs some padding.
kakobrekla: it seems ircd centralization has been a problem since forever and noone has bothered to solve it
mircea_popescu: pretty much.
mircea_popescu: it's all rotten to the core, conceptually. what the shit is a "moderator" anyway ?
BingoBoingo: mircea_popescu it's all rotten to the core, conceptually. what the shit is a "moderator" anyway ? < < They are the person at the nightclub who makes sure you drink the two drink medium, but get you off the premises if you actually get drunk.
mircea_popescu: i thought it was the dumb bitch on tv that acted important and prevented anyone from making any sense
BingoBoingo: mircea_popescu i thought it was the dumb bitch on tv that acted important and prevented anyone from making any sense < < AH, the asshole enforcing moderate talking instrad of moderate drinking. Easy to mix those assholes up.
January 6th, 2015
asciilifeform: mircea_popescu: i sent in a comment re: 'ircd' article a few hrs ago.
mircea_popescu: a ok. http://trilema.com/2015/open-a-better-ircd-rfc/#comment-111175
mircea_popescu: "The enemy can diddle IP any way he likes," < < sure, but that's why salt is there.
mircea_popescu: i can appreciate the purity of your vision, but i'd rather have this work on current hardware. what else is there ?
asciilifeform: enemy cannot hijack session by spoofing packets, but can get really annoying
mircea_popescu: how ?
asciilifeform: dos
mircea_popescu: gimme like a scenario.
mircea_popescu: nope. port just ignores him.
asciilifeform: expends cpu cycles on doing so
asciilifeform: at any rate, no magical hardware needed!
mircea_popescu: providing he finds your ip (which i doubt), you can just switch it too.
mircea_popescu: for that matter i envisage most people using this on multiple ips
asciilifeform: the hello-in-udp-mtu lives happily on existing linux/commonplace archs
mircea_popescu: i wouldn't be against this being implemented in udp in any case.
asciilifeform: no need to keep track of ips, and to marry the notion of 'origin address'
mircea_popescu: just, needs an extra engineer.
asciilifeform: the other nice thing re: udp is that a connectionless/stateless protocol frustrates traffic analysis very well.
asciilifeform: in my 'error coding' scheme, the station transmits at all times.
asciilifeform: anyone who wants to receive the current pubmessage snapshot can start listening at any point, and will eventually end up with it
asciilifeform: after approximately 1.03N bytes for a payload originally length N
asciilifeform: why mircea_popescu had to ruin my surprise gift to the fine folks of #b-a. i was gonna roll that thing out with cardano.
asciilifeform: now one of you lot will end up having to write it!
mircea_popescu: well cuz i didnt know, cuz someone didn't tell me
asciilifeform: from scratch.
mircea_popescu: cuz no mail apparently.
asciilifeform: mircea_popescu does not like surprise
asciilifeform: lol
asciilifeform: at any rate, i did bring it up in here on a few occasions. but did append the gotcha, 'not ready for battlefield because little time' - which is presently true
...later that day
mircea_popescu:asciilifeform http://trilema.com/2015/open-a-better-ircd-rfc/#comment-111208 port 1337 tho kinda elitist don't you think < < yes, i do. so it's a new rfc and interoperability means nothing < < interoperability with what ?
mircea_popescu: artifexd ya was just looking for you in the list lol
artifexd: I have decided that I like this ircd project.
mircea_popescu: o hey.
mircea_popescu: can you actually do it ?
artifexd: I like it to the point of being willing to commit time to do it.
mircea_popescu: am i s/open/artifexd/ ?
asciilifeform: http://trilema.com/2015/open-a-better-ircd-rfc/#comment-111210
asciilifeform: answerd
artifexd: Would you like to discuss in here or keep it in the comments?
*: asciilifeform believes that the scheme as originally described is disastrously mistaken
mircea_popescu: coments best!
artifexd: mircea_popescu> am i s/open/artifexd/ ? < < huh?
rithm: port 1337 tho kinda elitist don't you think
TomServo: Nah, just leetist
rithm: 7000 would be more in line as a "standard" irc port with security
asciilifeform: but this isn't irc !
TomServo: a port is a port
rithm: riiiight
asciilifeform: has no one actually -read- the thing ?
artifexd: mircea_popescu> can you actually do it ? < < There are mad amounts of detail to work out. That said, yes. I can do it.
rithm: so it's a new rfc and interoperability means nothing
rithm: i forgot it's unicorn land please continue
kakobrekla: i think the idea is to fix shit, not make it more beautiful.
rithm: seems like centralized mechanism to prevent mitm, really only becomes decentralize with more /links
asciilifeform: centralized ?
asciilifeform: rithm: did you actually read mircea_popescu's article ?
rithm: i think i'm looking at it now
mircea_popescu: artifexd am i editing the thing to reflect you're doin' it.
rithm: b. A list of IPs
rithm: the "thing" scales with /links to other "things"
mircea_popescu:
rithm: so the client is the server in this scenario or not? is it more p2p or not because i'm not seeing this definition in the language
rithm: traditional irc is clinet/server but this isn't irc
mircea_popescu: there is no "Server"
mircea_popescu: much like in bitcoin, some will run larger clients which people can reliably connect to.
mircea_popescu: but they'd still be running the client code, more or less.
rithm: if it scales verically like "interaction" with this thing creates a new "server" then that doesn't sound centralized
mircea_popescu:
asciilifeform: active thread on mircea_popescu's site, btw
rithm: not that architecture, but I'm not reading that definition on trilema
rithm: TFA title says ircd but it's not something to interoperate with any known ircd correct
mircea_popescu: correct.
asciilifeform: perhaps misleading title, 'better ircd', i admit i almost postponed reading it when first saw on account of this
mircea_popescu: ftr, the car was called "a better horse buggy" originally.
punkman: forward secrecy would be nice if possible
mircea_popescu: if one doesn't buy into the entire "branding, even if or especially if before the fact" one's stuck with this. i don't mind it so much.
mircea_popescu: punkman forward secrecy is a one on one affair, mostly. the salt is supposed to implement as much as it's possible, and the lack of signatures.
mircea_popescu: perhaps i don't actually see the whole ball there tho.
asciilifeform: mircea_popescu: i argue that all transmissions must be signed, if this is to be the thing it is really meant to be.
mircea_popescu: but seriously, let's move all discussion on the article, otherwise it'll be hard to fish from logs later on
*: mircea_popescu shall make further responses there.
January 7th, 2015
artifexd: mircea_popescu: Do you envision the ircd project have the end goal of replacing the freenode #b-a channel or is it only supposed to be a way for one individual to communicate with another individual?
asciilifeform: artifexd: answer not obvious from the article ?
mircea_popescu: artifexd it's supposed to replace ircd as a secure, fast and reliable means to communicate directly with others.
mircea_popescu: arguably ircd isn't really any of these, but going by intent rather than practice.
*: asciilifeform also points out that, as written, apparatus is also meant to replace the classical 'wot'
mircea_popescu: obviously, will have to.
asciilifeform: or at least offer a parachute of it.
mircea_popescu: i thought about it for a while, but fundamentally, wot has a lot of trouble existing independent of the forum.
mircea_popescu: such as, in medieval times punishment lists were put out in the marketplace.
asciilifeform: as late as 18th c. actually.
mircea_popescu: right.
asciilifeform: as well as the actual punishments.
mircea_popescu: http://seclists.org/fulldisclosure/2006/Jun/843 < < old lilo drama, if anyone's unsatisfied by the piles of bitcoin drama we have fresh on tap.
*: asciilifeform has been enjoying 'Seeing Justice Done. The Age of Spectacular Capital Punishment in France.' (Paul Friedland.)
mircea_popescu: (possibly the first in the trend of white trash "do-ologists", something that's apparently coming en vogue what with all the couch surfing entrepreneurs)
asciilifeform: i vaguely recall reading his obituary ?
mircea_popescu: yeah died at some point last decade
mircea_popescu: reading the comments, this new ircd thing is actually fucking exciting.
kakobrekla: yeah you basically invented ethereum or something
mircea_popescu: eh ?
kakobrekla: >As you well observe, this thing is in fact Bitcoin without the shared public ledger (kept instead as a virtual private ledger by each node).
kakobrekla: very blockchain 2.0
mircea_popescu: heh
asciilifeform: artifexd, others: http://trilema.com/2015/artifexd-a-better-ircd-rfc/#comment-111236
artifexd: !s erasure coding
assbot: 5 results for 'erasure coding' : http://s.b-a.link/?q=erasure+coding
asciilifeform: artifexd: there are several known ways of doing a 'fountain code' (term of art) - where a bitstring, B, is transformed into a number, N, of shorter bitstrings, whereby X of N can be collected, in any order, and with certain quantity of errors permissible, to reconstitute B.
asciilifeform: X*N is naturally larger than B. by how much - depends on particular algorithm chosen.
asciilifeform: the most classic, 'naive' algo for this, known to nearly everyone under one name or another, is reed-solomon.
asciilifeform: but very high overhead.
mircea_popescu: right, this is an excessive approach
asciilifeform: this is one of the very few mathematical/computation subfields where there was real progress in the past twenty years.
artifexd: I fear that the more complicated the math, the more likely I am to screw it up.
asciilifeform: something like 'raptor' algorithm gives overhead of, iirc, 3-5%.
asciilifeform: artifexd: a good compromise, probably, would be the Luby transform.
asciilifeform: it can be implemented without unusual effort or mathematical education.
artifexd: Is "can be transmitted via carrier pigeon" really a priority for this project?
asciilifeform: not as such, imho
mircea_popescu: nah.
asciilifeform: but there is no particular reason to glue it to ip on protocol level
mircea_popescu: ideally we keep away from any really dumb ideas that'd prevent moving away from the current situation
mircea_popescu: but otherwisew this is supposed to work today.
asciilifeform: if you can get packet P from your box to other end, using paper letter, but not the net - should be able to do so
artifexd: TCP does offer advantages. Not having to reinvent/reimplement transmission reliability/ordering is not a minor thing.
mircea_popescu: agreed.
asciilifeform: not having to worry about syn floods, etc. plus frustrating most existing traffic analysis widgetry - udp, if done correctly, is a serious win
asciilifeform: the connection-tracking apparatus of tcp is really half the force behind the sting of 'ddos'
artifexd: syn floods are a solved problem
mircea_popescu: it requires someone to do it correctly.
asciilifeform: undergrad-level problem
mircea_popescu: artifexd that all depends. relativelysolved lol
artifexd: Boxes that sit in front of the server that establishes connections and only passes on the connected ones can be bought of the shelf, right?
mircea_popescu: everything can be bought of the shelf neh ?
asciilifeform: incidentally, here's a small idea. instead of transmitting snapshots of global state (of 'channel'), have each packet be a reconciliation of one particular pubkey's history. that way there is no need to reassemble gigantic blob.
artifexd: As far as traffic analysis goes, as long as all of the transmissions are opaque noise (because they are encrypted) and are of constant size, analysis is impossible.
asciilifeform: artifexd: it is also necessary that they have no temporal correlation to anything.
artifexd: Right. But "once a second" is in the first draft of the rfc.
asciilifeform: artifexd: this requires a fixed, steady flow of bits between the two points.
artifexd: Yes.
mircea_popescu: artifexd more's the point, i don't specifically give a shit about "analysis"
mircea_popescu: let the derps analyze it until they fall over. this retreat of person to "anonymity" is exactly the wrong strategic moves.
mircea_popescu: if the state controls the field of identity it doesn't need much more.
mircea_popescu: no, i shan't live by any entities' permission. the state will live by my permission, or go down in a hail of bullets and flame thrower exhaust.
asciilifeform: not suggesting that 'anonymity' warrants complicating design, but if it can be dropped by the gods from the sky at no cost, no reason not to pick up.
mircea_popescu: sure, that much.
mircea_popescu: on a more practical angle, you will note that the various entities relying on "secrecy" are in jail, from the pirate robets to the shrem dude. even "thanking the judge for a justice well done".
mircea_popescu: should be obvious that model does not work. it doesn't, specifically because it caters to the idiocy it proposes very flimsily to be "against".
asciilifeform: 'prison is like the grave, room can be found for everyone' (ru proverb)
artifexd: Fountain codes, insomuch as I don't understand them, complicate the design. Padding the the structure that gets encrypted doesn't.
artifexd: It is also possible that my own ignorance is complicating the design.
mircea_popescu: artifexd nothing prevents the thing to be further upgraded later on.
artifexd: true story
asciilifeform: artifexd: you don't strictly speaking need fountain code in first version of this apparatus.
mircea_popescu: for that matter, we have a much shittier version currently,
mircea_popescu: and it's worked nothing short of splendidly for many years.
mircea_popescu: improvements don't have to be absolute solutions to be useful. they just have to be absolute improvements.
asciilifeform: artifexd: i was trying to suggest another way whereby no packet needs to exceed udp's mtu in size, or be guaranteed to reach its destination in the first try
artifexd: 576 bytes ain't a lot of space.
asciilifeform: artifexd: this would be - to reconcile history per-pubkey, rather than global.
asciilifeform: 576 can hold a 2048-bit (ephemeral rsa key!) sig, a reasonably long key fp, and small payload.
mircea_popescu: another advantage to tcp is that you don't really get to care about mtus and all that.
asciilifeform: also appreciate a fine point:
mircea_popescu: it is in my eyes much more valuable to have a working prototype rapidly, that then can be extended (and nothing will prevent a future client to filter traffic any way itchooses, say by accepting udp only)
asciilifeform: with udp, a box running said protocol cannot be distinguished by enemy from one which is not
asciilifeform: if he is not physically sitting on the wire
mircea_popescu: asciilifeform so ?
asciilifeform: if uninteresting, disregard.
mircea_popescu: if done right, a reasonable expectation will be that any box is running it anyway.
artifexd: Or just put it on port 80
asciilifeform: i like 'unscannable for', not because of any derping re: 'anonymity', but from sheer delight in the morale hit to enemy
mircea_popescu: that's a bit rich.
asciilifeform: who likes things to be countable
asciilifeform: and 'quantifiable'
asciilifeform: 'threat assessment111!!!11'
mircea_popescu: asciilifeform do not code for your enemy lol.
mircea_popescu: we're doing this for ourselves.
asciilifeform: when we make bullet - we make for enemy
asciilifeform: not usually for self
mircea_popescu: this is a tractor not a bullet.
asciilifeform: tractor with 'maxim.'
mircea_popescu: if the owner wieshes, sure.
asciilifeform: i wouldn't bother arguing the udp/tcp point were it not for the fact that this is not a decision that can be easily re-visited.
asciilifeform: for instance, if you immediately go with 4096-bit ephemeral keys, you're already at 512b. for sig alone.
mircea_popescu: why not ?
mircea_popescu: but there can be a later protocol extension covering udp
mircea_popescu: and it will get more eyeballs reading code on the strength of the already existing thing.
asciilifeform: it'll be a bit of a procrustean bed
mircea_popescu: fwiw i wouldn't use sub 4kb keys anyway.
asciilifeform: me neither
mircea_popescu: so then.
asciilifeform: but that was merely one example.
asciilifeform: (perfectly legit) question was 'wtf should we give a damn about udp mtu, it's a bore'
asciilifeform: answer is, for the same reason that, after a certain date, rifle calibers were X inch sixteenth lines and not some random contemporary fellow's little finger.
asciilifeform: with udp, you can make the 'friend or foe?' decision upon receipt of a single (!) packet.
asciilifeform: can silently drop it if 'foe.'
asciilifeform: without allocating memory.
asciilifeform: if it is not obvious why this is tremendously valuable, try to think about it for a few minutes.
*: asciilifeform will not waste the gentlemens' time by belabouring the point further
mircea_popescu: dude, it will be 5 years before anyone even figures out there's something to attack.
asciilifeform: actually i envision a department hastily assembled, of folks much like myself but underemployed, set to work on it.
mircea_popescu: heh.
mircea_popescu: in 2016.
mircea_popescu: and they'll fail.
asciilifeform: not even usg as such, needed for this. the crapware folks will readily latch on to anything like a solution to what ails them - which proposed apparatus is; and the antivirus folks will immediately proceed to piss out whatever fluids they can muster, against the problem
asciilifeform: if correctly built, apparatus will remain standing. but the notion that no one will see it fit to pour excrement upon the head of the early incarnation - is a mistake.
mircea_popescu: i'd bet you but we can't use bitbet because it doesn't take gavin btc.
asciilifeform: l0l
artifexd: I'm burning up a lot (ok, more than a few) credits on http://trilema.com/2015/artifexd-a-better-ircd-rfc/
mircea_popescu: artifexd now you are on to my secret plan
asciilifeform: artifexd: iirc comments on trilema don't require credits
artifexd: refreshing the page to see new comments does.
*: asciilifeform confesses that he has never purchased a credit on mircea_popescu's site...
mircea_popescu: artifexd use one more then, i answer't.
asciilifeform: mircea_popescu: s/relied/relayed ?
artifexd: Oh! That shifts my interpretation somewhat.
mircea_popescu: asciilifeform aye ty
mircea_popescu: artifexd i guess in retrospect the use of "for" was misguided. chetty warned me, too.
mircea_popescu: but it's for as in, "i am doing in the name of x, ie, for x"
artifexd: So the "Hi there" part could include destination information in addition to the message. Much like irc does now.
asciilifeform: i'd suggest term 'of', and use mathematical notation subkey(ofkey)
artifexd: XFF?
asciilifeform: artifexd: imho the 'hello' should stick to bare minimum - establishing the right of the interlocutor to speak to what is on the other end.
asciilifeform: if successful (he signed nonce with an ephemeral key for which the machine being spoken to possesses a valid primary wot-key signature, or is in fact transmitting a new ephemeral pubkey signed by such a wotkey) - this creates a session.
asciilifeform: artifexd: i will not belabour the point, i think you will arrive at the correct answers on your own. they will fall into place in your head.
mircea_popescu: qui facit per alium facit per se sort of "for"
asciilifeform: this is one of those problems where it is almost unavoidable.
mircea_popescu: artifexd yes, it could, of course.
asciilifeform: artifexd, mircea_popescu, others - http://trilema.com/2015/artifexd-a-better-ircd-rfc/#comment-111242
artifexd: asciilifeform, mircea_popescu, et al: http://trilema.com/2015/artifexd-a-better-ircd-rfc/#comment-111243
asciilifeform: artifexd: http://trilema.com/2015/artifexd-a-better-ircd-rfc/#comment-111244
artifexd: Anybody have a good name for this project? ircd isn't going to cut it.
mike_c: why? let the other ircd change it's name.
asciilifeform: mike_c: terrible thing to do.
mike_c: just teasing the bitcoin foundation :D
asciilifeform: mike_c: phoundation - deserved the treatment; old warhorse irc - doesn't
BingoBoingo: ArseD?
asciilifeform: artifexd: if you're up for it, we can continue the thread here while trilema is down
artifexd: Sure
artifexd: What'd you say?
asciilifeform: artifexd: the mechanism for doing what ought to be done has a generic name: 'gossip protocol'
asciilifeform: that is, you utter a certain thing, or rather, sequence of things, and wish for said fact to become 'universal knowledge' at some point
asciilifeform: and it is accomplished by people talking to one another: 'have you heard xxxxx?' 'nope, do tell.' or 'sure, heard all about it.'
asciilifeform: bitcoin implements one variant of this.
asciilifeform: i will argue that you will want to, in general, 'hash-chain' all of your public (type 'a' in my last visible comment) messages.
asciilifeform: hash-chain or some variation on that theme is the only way an operator can be certain of possessing an unbroken chain of what a particular key has uttered.
artifexd: Now you're talking about a lot of back and forth instead of the bundle approach.
artifexd: I could see the value in that if maintaining an unbroken history was important.
asciilifeform: if you take the bundle approach, you are suddenly faced with a multitude of very arbitrary decisions re: what ought to be included in bundle.
asciilifeform: thing is, you need a hard-reliable mechanism regardless of what you do, if only on account of having the WoT in this thing.
asciilifeform: so it may as well apply to everything.
asciilifeform: there is no reason to bring 'net splits' into existence again.
artifexd: If you do the gossip thing then each server needs to maintain a history (of possibly infinite length)
asciilifeform: like bitcoin.
artifexd: And now we have a blockchain growth problem.
asciilifeform: how is it a problem ?
mircea_popescu: srsly, no blockchain.
asciilifeform: no blockchain. just chain.
mircea_popescu: the messages should be kept around for a short interval (hour ?) while the user can retain them as long as he wants.
mircea_popescu: but basically the bundle should cover the last hour.
asciilifeform: if no chain: malicious node can selectively drop messages.
asciilifeform: notice you don't have to store the chain permanently
asciilifeform: just rolling window.
artifexd: An hour? Shit. I was thinking 5 seconds.
mircea_popescu: asciilifeform so ?
artifexd: If a bundle is sent every second.
mircea_popescu: artifexd ah that's a point. my 1hour was outer limit.
asciilifeform: a window of 5 seconds will give quite a few dropped messages.
mircea_popescu: this is likely actually.
asciilifeform: why not allow a node to store as much history as he wishes to expend on disk
mircea_popescu: because not its job.
artifexd: Why? If you're connected when a message comes across the wire, you get it. If not, you don't. Much like irc now.
asciilifeform: and synchronize based on histories of individual pubkeys
mircea_popescu: because it's chat. if someone wants to log it, that's a diff story.
asciilifeform: the distinction between 'log' and 'allow very high-latency chat' is very thin.
asciilifeform: if i'm on a satellite modem, i doubt that one in ten messages of 5-second window will make it through to my node.
artifexd: Sure it would. If you have a connection to another server, it will send you all the messages it gets. Although I imagine some manner of "screw you, you're too slow" code will be needed eventually.
asciilifeform: this apparatus of yours is not merely ircd with new coat of paint. it is a very different animal mathematically, as you lot will soon realize.
mircea_popescu: it's okay for slow nodes to lose messages
mircea_popescu: this is what the definition of "Slow" is.
mircea_popescu: if i were to connect to irc with a 360 baud modem i would similarily lose messages.
artifexd: asciilifeform: What you want sounds very similar to bitmessage, no?
asciilifeform: perhaps root of disagreement is that i originally contemplated something more along the lines of a very fast usenet, rather than potentially slow chat.
asciilifeform: 'store and forward'
artifexd: usenet is pretty damn fast.
mircea_popescu: asciilifeform it's not really a log-with-chat.
mircea_popescu: it's a chat.,
asciilifeform: the 300 baud modem loses no usenet messages.
mircea_popescu: yes, because they're not signed nor crypted.
asciilifeform: even when they are.
artifexd: The storage requirements for a usenet server are stupid high.
asciilifeform: except in degenerate case, where modem and owner both crumble to dust before the transmission can finish
asciilifeform: through the ravages of time
mircea_popescu: a 360 baud modem loses 99% of usenet messages out of a pipe which puts out 36kbps worth of messages continuously.
asciilifeform: well yes.
mircea_popescu: how you slice the 99% is uninteresting.
asciilifeform: now answer under what circumstances one can accept a loss of even one packet of WoT computation.
mircea_popescu: asciilifeform that's in the hello message.
asciilifeform: hence atomic operation, aha
mircea_popescu: each server sends its own view, you compile what interests you.
asciilifeform: inescapably one will end up seeing slightly different WoTs, at least on their peripheries, at different times.
asciilifeform: i doubt that this can be avoided entirely
mircea_popescu: necessarioly.
mircea_popescu: thjere is no such thing as "one" wot.
mircea_popescu: for that matter, a "total score" is nonsense predicated on this mistaken view.
mircea_popescu: there is no center wot.
asciilifeform: only if it, as it does presently, lives in just one specially-designated temple
mircea_popescu: right.
mircea_popescu: which is kind-of why the "total score" nonsense is so hard entrenched.
mircea_popescu: the current implementation favours what is fundamewntally an erroneous view of thew wot as "one thing". it is not one thing.
asciilifeform: i've been wishing that folks would let go of it for quite some time.
asciilifeform: !s kyristor
assbot: 14 results for 'kyristor' : http://s.b-a.link/?q=kyristor
mircea_popescu: as assbot's usage over timne has shown
asciilifeform: before i learned of the wot that we now use.
asciilifeform: (*even before)
asciilifeform: the notion of 'trustworthiness' as a scalar is fundamental to scamatrons of all stripes.
asciilifeform: it isn't a scalar.
asciilifeform: http://btcbase.org/log/?date=12-11-2014#917896
assbot: Logged on 12-11-2014 01:24:54; asciilifeform: ^ my ancient failed attempt at 'wot.' was to be used with another (never happened) apparatus, 'sollipse,' for running a 'multiverse' of wots.
artifexd: Ok. The layers are forming in my head.
asciilifeform: mircea_popescu: 'gossipd' < < see 'gossip protocols', very interesting subfield in maths.
mircea_popescu: aham
asciilifeform: highly recommended to anyone who took part in or enjoyed reading this thread.
mircea_popescu: anyway, THAT is why not signed messages.
mircea_popescu: perfect deniability, much better than forward secrecy
mircea_popescu: jurov ^
asciilifeform: still need signed hellos
mircea_popescu: since by very definition gestapo can't trust A B C
mircea_popescu: asciilifeform sure, but not the same thing.
asciilifeform: mircea_popescu: complicates your design a bit, as now you have two classes of message
asciilifeform: instead of one
mircea_popescu: how so ?
asciilifeform: (wot operations still need to be signed, as well as 'hello' session negotiations.)
mircea_popescu: no.
asciilifeform: hm?
mircea_popescu: each server maintains his wot ratings, and theyt are sent out as part of hello procedure
mircea_popescu: each server compiles wot list for use of its user from helos received
artifexd: Wait. Wut?
mircea_popescu: which part.
artifexd: You specifically don't want messages signed?
artifexd: For deniability?
mircea_popescu: there's no signing in there, is there ?
artifexd: There is not. I took that as an oversight.
mircea_popescu: http://btcbase.org/log/?date=05-01-2015#966081 also.
assbot: Logged on 05-01-2015 17:59:47; davout: i was thinking rely on GPG and simply encode a nonce in the message
mircea_popescu: no, it's not an oversight.
artifexd: When a message A for B C comes over the wire, how can I trust that B actually said C?
mircea_popescu: hm ?
artifexd: Maybe A is trustworthy but got the message from D.
mircea_popescu: so ?
mircea_popescu: his job to police his lists.
artifexd: And D is full of shit.
artifexd: What stops server A from inventing messages by B?
mircea_popescu: don't trust people you don't trust and so you won't have to answer unpleasant questions from people whose trust you value.
mircea_popescu: nothing.
mircea_popescu: in fact, for all you know A sends whole different novels to B and C.
artifexd: That seems... less than ideal.
mircea_popescu: why ?
artifexd: Because we are building a new system from the ground up.
mircea_popescu: right.
mircea_popescu: so ?
artifexd: Everyone is already identified by crypto. Why not ensure that messages that say they are from a keyset actually came from the keyset?
mircea_popescu: because it's chat.
mircea_popescu: do you ordinarily sign contracts with people you chat with in the bus ?
artifexd: Kinda
mircea_popescu: well, i don't. i more often have sex with someone in the bus
mircea_popescu: than sign a contract there.
kakobrekla: dont chat with strangers.
artifexd: If by "sign" you mean "have some effing clue who just said that"
mircea_popescu: for that matter, imagine a "No" string signed. what now ?
mircea_popescu: i can use it later.
mircea_popescu: artifexd you have a clue : either your friend, or someone who only exists
mircea_popescu: in the sense your friend sayus he does.
mircea_popescu: this "objective existence of user" is a trap in our task here. it doesn' tserve, it hinders.
BingoBoingo: mircea_popescu for that matter, imagine a "No" string signed. what now ? < < This is the big.
artifexd: It would be a timestamped "No".
mircea_popescu: moreover, i wish to take this opportunity and link the important point of the "unsheathe your sword". inasmuch as people proceed on the "user objectively exists" and then try to "create anonimity" the unavoidable result is "anonimity is hard lolz".
mircea_popescu: the only entity served by this nonsense is nsa. users don't actually exist, outside of what the parties you trust say.
mircea_popescu: artifexd so if it is.
artifexd: When you and I have a conversation on here (and gribble is around, and you ident to a key), then later you and I have another conversation (and, again, gribble is around and you ident to the same key), then I can trust that I am talking to the same person I was before.
artifexd: Signing messages would provide that same assurance. But automatically.
mircea_popescu: and if i am in your list and you in mine the same is preserved by gossipd.
artifexd: Wanna be somebody else, grab a new key.
mircea_popescu: without a requirement to sign.
mircea_popescu: however, if you only know asciilifeform and he;'s relying my chat,
mircea_popescu: for all practical purposes i am his 3rd split personality, a figment of his rich imagination.
artifexd: Exactly
mircea_popescu: this is ideal.
asciilifeform: let's see if i misunderstood something.
asciilifeform: in mircea_popescu's scheme, my wot-graph exists as a bitstring that my particular node will disgorge if asked?
mircea_popescu: incidentally, the evolution of this dev session clearly proves the superiority of chat over say bbs, of which forums and trilema comments are implementations.
asciilifeform: rather than permanent blockchain-style world record
mircea_popescu: asciilifeform well, disgorge on handshake but yea
asciilifeform: well then:
asciilifeform: let's imagine the good ship Mircea, a four-reactored former soviet nuke sub;
asciilifeform: a martian death ray takes out a satellite. the ship is now within five day's steam of the next chance for net connection
mircea_popescu: lol. the actual ship mircea is an old barque. http://en.wikipedia.org/wiki/Mircea_(ship)
asciilifeform: during these five days, how many sc4mz0rs will find themselves temporarily rehabilitated ?
asciilifeform: barque < < haha yes, knew this
mircea_popescu: asciilifeform you still have an old list.
asciilifeform: worse yet, if the boat were to perish in honourable combat, with all hands aboard, the global state of wot shall return to as if he and the crew had never lived ?
asciilifeform: aye i have an old list. but that's quite ad-hoc.
mircea_popescu: which ius no different from the current situation
asciilifeform: and i can't sign it with a fresh mircea-nonce.
asciilifeform: because i am me and not him
mircea_popescu: if i die tomorrow who will maintain my wot ?
mircea_popescu: uhhh... nobody.
asciilifeform: but it stays around as a statue, for so long as nanotube remains ungassed
mircea_popescu: asciilifeform no, but you can sign it with yours, if you wish. which correctly reflects the situation. "here are the words of great X i attest to"
asciilifeform: which in this one respect is an arguable improvement over the hypothetical apparatus
asciilifeform: mircea_popescu: aha!
mircea_popescu: i do not see it.
mircea_popescu: how do you know it's not been diddled ?
asciilifeform: that is an ad-hoc, bug-ridden reimplementation of the blockchain!
mircea_popescu: you'd have to ask an elder or two anyway.
asciilifeform: to borrow a greenspunish,
asciilifeform: *greenspunism
asciilifeform: 'those who will not' xxx 'are doomed to' yyy 'it'
mircea_popescu: inasmuch as my old wot is still signed with my old key, and you have a copy
mircea_popescu: it's as good as current thing, except better cuz signed.
asciilifeform: mircea_popescu: and then we get medieval-style rediscoveries of 'the latter gospel of mircea'
asciilifeform: why not cut straight to chase.
mircea_popescu: very theoretical possibility, as "the last words" are hard to fake online.
asciilifeform: not so much a concern re: fakes, but losses.
mircea_popescu: for all you know some validly signed material from 2012 satoshi emerges tomorrow. tis what it is.
mircea_popescu: for all you know it can even came in the shape of regular bitcoin txn.
asciilifeform: and say my sub, a considerably poorer vessel, only has connection when on equator. say, one day in 60, in sight of particular satellite.
mircea_popescu: will be honored once known. ignored meanwhiule.
asciilifeform: under the contemplated scheme, i may as well not bother to use wot then
asciilifeform: or would have to station it shore-side somehow
mircea_popescu: well, if you can only net once in 2 months you can only net once in 2 months.
mircea_popescu: some of your stuff will be out of date.
asciilifeform: we again arrive at a system of ad-hoc, bug-ridden relays and informal mirrors
mircea_popescu: i still dun see it.
mircea_popescu: but anyway, relays are strength not weakness here.
asciilifeform: when part of mechanism, by spec and by reliable practice sans hand-holding
asciilifeform: think of the advantage bitcoin has over hawala.
asciilifeform: hawala is more or less the same, but implemented in the informal, mouth-to-ear way contemplated above.
asciilifeform: ('the same' topologically! not mechanically, clearly)
mircea_popescu: what's adequate for moving currency is not adequate for moving words.
asciilifeform: wot, i'd say, falls somewhere between (or floating far in the state-space) from currency or mere words
mircea_popescu: i still can't possibly see what flaw you perceive with the wot part of gossipd
artifexd: So what is the value of this vice a private stock ircd with a gribble?
asciilifeform: the fact that my wot actions disappear when my node loses net
asciilifeform: i think it is ludicrous.
mircea_popescu: asciilifeform they don't dood. how do they disappear ?
asciilifeform: disappear until i get plugged back in
mircea_popescu: artifexd thgat it has no central servers, for one.
asciilifeform: which perhaps never, because atomic bomb fell on me.
mircea_popescu: asciilifeform anyone who saw the old ones has a copy!
mircea_popescu: this is just like it is now! everything!
asciilifeform: and what can they do with this copy?
asciilifeform: consult it while forming own wot ratings, informally?
mircea_popescu: anything ? they're signed by you. they're, until anyone hears better, your position.
asciilifeform: by what mechanism are they kept around in the world ?
asciilifeform: someone manually copied it to a text file at some point ?
mircea_popescu: by the same mechanism anything of anyone's kept around in the world : your friends have copies.
mircea_popescu: an' shall remember you.
mircea_popescu: chat is not an instrument to permanence. it's an instrument to chat.
mircea_popescu: permanence is to be ensured by other means
asciilifeform: chat - sure
asciilifeform: wot ??
mircea_popescu: (this doesn't replace notarybot, for instance)
asciilifeform: if wot ratings were archived - it could.
mircea_popescu: anyone can archive them!
mircea_popescu: yourself included.
asciilifeform: can != will reliably
mircea_popescu: i don't think you will find the computerized means to ensure immutability.
asciilifeform: let's ask - how many folks reading this have archived, e.g., the works of fermat ?
mircea_popescu: but for as long as anyone gives a shit, they'll be there.
asciilifeform: dead tree counts
asciilifeform: probably quite a few folks. but the thing that distinguishes fermat from wot is that wot needs to be at least quasi-'hot' to really work as intended, imho.
asciilifeform: a copy of my wotgraph kept around as a message in a bottle under nitrogen in my brother's house, say, will not really carry out its function as a live reflection of my wot-will.
asciilifeform: in real time.
mircea_popescu: because why not ?
asciilifeform: because it is in a bottle.
mircea_popescu: things change,you know. mayhap people you used to trust are nopw scammers
mircea_popescu: present wot would benefit immensely from some dead hand cleanning as it is.
asciilifeform: this is actually an ancient debate in the maths-of-p2p-nets world
mircea_popescu: i really do not wish to hear how much some long gone loser trusts whatever long gone scammer.
asciilifeform: whether father time should forget
asciilifeform: and if so, how.
mircea_popescu: exactly like indicated. will exists for as long as the hand lives to enforce it
mircea_popescu: once that's gone... main morte.
mircea_popescu: leave the earth to better, later men.
asciilifeform: there are obvious wins to this approach. but opens the question of what, e.g., my brother, is to do with my wotgraph once my ship goes down.
mircea_popescu: whatever he wants.
mircea_popescu: we knowthis because he is here. you, are not.
asciilifeform: assuming he wishes it to march on
asciilifeform: is he to host it on an 'obelisk' node which does nothing else but relay it ?
mircea_popescu: could, easily.
asciilifeform: or adjust his own graph-weights? (that would somewhat defeat the purpose of a wot, loses information)
mircea_popescu: also could, also easily.
mircea_popescu: what information was lost ?
mircea_popescu: the wot reflects wqhat things ARE. not what they were.
mircea_popescu: that's why if right now i change a rating, the old one's gone.
asciilifeform: where the change propagates.
asciilifeform: right now this seems far easier than it will turn out to be on adult apparatus.
mircea_popescu: aha ?
asciilifeform: the 'dynamicity' of new-wot (vs classical wot) creates some very strong incentives for hooligans of all stripes
asciilifeform: to attempt to disrupt signal, locate mirrors
mircea_popescu: i still don't see there's a difference.
asciilifeform: to create temporary warps in the fabric of wot.
mircea_popescu: are you sure those aren't simply the resuilts of "no more central server" ?
asciilifeform: well, in a sense they are; but we're really surrendering to entropy here far more than, imho, is necessary
mircea_popescu: entropy is to be embraced. it's no surender when you manage to flow with it.
asciilifeform: i won't argue that wot moves ought to be retained for all eternity; but will say that some automatic caching is necessary
mircea_popescu: the less you figh entropy while still doing your job, the longer you'll live.
asciilifeform: because things that are tedious and must be done manually, tend to not get done.
mircea_popescu: so anyone's free to implement all the caching one wants.
asciilifeform: let's say that a fair number of node operators wish to cache. now they are stuck retaining (and transmitting, regularly!) a vast number of duplicate copies of many wotgraphs
mircea_popescu: why ?
mircea_popescu: they can cache whichever way they wish/
asciilifeform: not so many ways to choose from if result is to behave functionally live
asciilifeform: (i.e., just as their own live wotgraph behaves)
asciilifeform: in the end, you end up with a poor reimplementation of 'blockchain' anyway
mircea_popescu: yes stan, if you wish to have a blockchain you will end up having to implement one.
mircea_popescu: o.O
asciilifeform: i will let this point prove itself, but was willing to argue for it to possibly save mircea_popescu and artifexd some unnecessary sweat
artifexd: I still haven't processed the wot part of the spec. I'm still trying to understand why you wouldn't sign the messages. It seems to be asking for evil actors.
asciilifeform: http://pastebin.com/w5VYjyBu < < possibly very relevant
assbot: THE PETRIFIED WORLD (Robert Sheckley) - Pastebin.com ... ( http://bit.ly/1BxiUBn )
asciilifeform: (1971 story)
artifexd: Other than the argument that a signed "no" could be used for something malicious. Uh... It just means that you said no. It doesn't imply what you said no in response to. Just that you said no.
asciilifeform: this is why i suggested chaining.
asciilifeform: prevents a future forged conversation stitched out of words you have uttered.
asciilifeform: (of signed gibblets, anyway)
artifexd: millisecond timestamps and a counter would do that too.
mircea_popescu: artifexd explain why you WOULD sign them.
asciilifeform: artifexd: next thing you know we're doing lamport clocks.
artifexd: Actually, as fast as I type single second resolution timestamps would be enough.
mircea_popescu: and yes, unixtime timestamps.
artifexd: Why would I sign messages? Why would I appreciate messages that I receive to be signed?
mircea_popescu: why would you require chat lines be signed.
mircea_popescu: i mean, i understand, "it's how it's done". we're here because the current paradigm is - quite fundamentally - broken.
artifexd: Simple: I would sign all my messages so that if you told me that I said something that wasn't signed, I could legitimately call bullshit.
mircea_popescu: you can call bullshit in the gossipd as well.
mircea_popescu: that's provided.
asciilifeform: let's put it this way - if i wish for my words to successfully relay beyond my own node, i have to sign them with an ephemeral key
mircea_popescu: if you wish to elevate some chat to a contract, you directly can do that too.
mircea_popescu: by signign it.
asciilifeform: how is anything originating in my machine to leave my node without being signed ?
artifexd: I would appreciate signed messages so that I could have some moderate assurance that bob is actually bob and not some asshole evil server.
mircea_popescu: artifexd you have SOME assurance.
mircea_popescu: if you know bob, this is cryptographic.
mircea_popescu: if you do not know bob, that assurance is meaningless anyway.
asciilifeform: ^ not entirely
artifexd: I would have to have a direct connection to bob in order to believe anything with his fingerprint.
asciilifeform: you can still know that bob(today) is (or is not) same as bob(next month)
mircea_popescu: right.
mircea_popescu: which is EXACTLY as it is anyway
asciilifeform: not necessarily same person, but same key (e.g., is same bourbaki)
mircea_popescu: asciilifeform herp.
mircea_popescu: so you can still know... nothing much.
asciilifeform: arguing that this can be useful information
artifexd: Part of the trust is that you can handle a key.
asciilifeform: in some truly perverse cases
mircea_popescu: anything can be useful information.
mircea_popescu: artifexd if you don't know bob, for all you know he's lying to you.
mircea_popescu: ANYWAY.
mircea_popescu: with or without a key. there is no mechanical solution to trust
mircea_popescu: just like there are no mechanically generated random numbers.
*: asciilifeform did not imagine that there were.
mircea_popescu: i am aware the inept consensus today is to think that technology can solve trust.
artifexd: Trust doesn't mean that I take bob's word as gospel.
mircea_popescu: the reason this is even specced is to provide some sanity while everyone wastes their life in that ai quest.
asciilifeform: 'trust' is probably a word that will have to be retired, like phlogiston.
artifexd: Trust in this case means that, as asciilifeform said, bob(today) is bob(next month)
asciilifeform: nooo
asciilifeform: trust is simply an obsolete, pre-scientific word.
artifexd: I mean as in trust the message
asciilifeform: please don't put it on life support, it needs to die
mircea_popescu: artifexd hardly if that.
mircea_popescu: for all you know bob is part of a 500 key ring operated by 5k monkeys.
artifexd: signed messages allow someone to build an identity
mircea_popescu: sure, they do.
mircea_popescu: but more's the point : signed messages allow the world to build an adversative identity of someone.
mircea_popescu: this is pointedly against the purpose of chat.
artifexd: As you have preached in the past, the identity built over time, secured by wot, has value.
artifexd: Take away the ability to build an identity and what's left?
mircea_popescu: it does, and that's exactly what;s happening, in the proper model. people chat. on that chat they build contracts. their contract history is fixed in a wot.
mircea_popescu: there's a great progression at work there.
artifexd: The key in the wot has no relation AT ALL to the message I just received with a fingerprint.
mircea_popescu: such ability is not taken away.
artifexd: Could be him. Could not. Who knows.
mircea_popescu: it does, if the sender is in your list.
mircea_popescu: it does not, if he is not.
mircea_popescu: in the case at hand, i'd know you are you, but i wouldn't know dddddd is anyone in particular.
mircea_popescu: this is correct.
mircea_popescu: because in point of fact ddddd is noone in particular.
mircea_popescu: they even say this, the various random guys the wind blows in. "who are you ?" "nobody in particular".
artifexd: How do you imagine bootstrapping this thing?
artifexd: Do we get in here, ident, and pass around ip addresses?
artifexd: Is that the start?
mircea_popescu: pretty much
mircea_popescu: you know, just like "up me please" but not centrally maintained.
mircea_popescu: just ask your friends.
thestringpuller: mircea_popescu: what would the result of someone forking the WoT be?
mircea_popescu: a wot fork ?
mircea_popescu: right.
thestringpuller: altgribble becomes hitler and makes his own db clones from nanotubes
thestringpuller: some "people" start using it
thestringpuller: but nanotube never comes back
mircea_popescu: what's wrong with using an alt wot ?
thestringpuller: or comes back months later (super worst case)
thestringpuller: that's my question
mircea_popescu: if you trust whoever maintains it... go ahead.
mircea_popescu: i have nfi who even runs altgribble. who is it ?
thestringpuller: well altgribble was generatlized example
artifexd: After the thing is up and running for 6 months. How does some insightful dude off the street get in? Look for a public (and thus completely untrusted) access ircd that will let him connect and hope to build an identity to the point that you say "hey insightful_dude_from_the_street", what's your ip address? I'll let you connect to me because you say useful
artifexd: shit"?
mircea_popescu: artifexd either that, or otherwise getting into a relationship with one of the people in
mircea_popescu: how does one get into l1 atm ?
mircea_popescu: l2*
mircea_popescu: how did lampelina come in ? kako added her to his node and said "hey, lampelina is this hot blondy I met in a bar."
mircea_popescu: if she starts doing evil shit like forwarding messages from obama, it'll look like obama: hey dudes, i smoke the c0k! to us,
artifexd: You have to beg for a chance to demonstrate the ability to be interesting before you get a chance to get judged.
mircea_popescu: but it'll look like obama[via lampelina] to kako. who can then go gtfo wtf you smokin beich ?!
mircea_popescu: artifexd you gotta get an up before you can voice. eh ?
kakobrekla: actually snatched from irc not a bar and our gfs make bad examples for this.
artifexd: Yeah.
mircea_popescu: kakobrekla sorry
artifexd: Fuck. What are we discussing.... Oh yeah. Why automatically adding any type of verification to a message is bad.
mircea_popescu: no.
artifexd: No?
mircea_popescu: we were discussing why it is good, and it turns out it isn't particularly, and so parsimony dictates it stays out.
kakobrekla: no sorry needed, its just that i dont put my penis into everyone that i would like to irc with.
artifexd: Preventing some douche from Bumfuck, Idaho from impersonating your hard built identity "isn't particularly good"?
mircea_popescu: artifexd this prevention is guaranteed by design as is.
mircea_popescu: he can only impersonate you to folk that don't know you.
artifexd: He can only impersonate me to people who don't have an absolutely direct connection to me.
mircea_popescu: or care to get one or know how.
mircea_popescu: technically, anyone can make a gpg key and name it Mircea Popescu
mircea_popescu: so what if it's the wrong numbers ?
artifexd: That's why the fingerprint and the alias, right? Let the computer notice that the numbers don't match the the numbers that I identify as mircea.
mircea_popescu: for that matter, if we keep the A B C D ; X Y Z K convention, then A can impersonate K to Y only provided B isn't linked to C that is linked to D.
mircea_popescu: artifexd the computer wouldn't know.
mircea_popescu: if i get a fake key of you and sign it... it's good as far as the computer is concerned.
artifexd: Huh? Of course it would.
mircea_popescu: nope.
mircea_popescu: computer only finds through a direct connection.
artifexd: I have a fingerprint. Or a public key. I give that fingerprint or key a name. Anything not that key or fingerprint won't match to the name.
mircea_popescu: according to whom ?
mircea_popescu: asciilifeform lives in a submarine and never connects to you or your friends. i give him my own version of the "Artifex" key. he signs it.
mircea_popescu: bam.
artifexd: What does that have to do with anything>?
mircea_popescu: everything ?
mircea_popescu: it's exactly the scenario you're proposing.
artifexd: Nothing I, as artifexd with my key, say will ever show up as said by the same entity as whatever you say with your artifex key.
mircea_popescu: artifexd that's entirely up to me.
artifexd: Sure. If you have two keys in your wot and you want to give them both the same name. Knock yourself out.
artifexd: But *you* have to make the choice to be confusing.
asciilifeform: here's an observation:
artifexd: The system would, without your interference, label the things I say and the things your artifex say as said by seperate entities.
asciilifeform: i am not presently authenticated via 'gribble'
mircea_popescu: artifexd dubious at best.
asciilifeform: how many of the folks present are ready to believe that this 'asciilifeform' is the same animal they are accustomed to enduring the company of in #b-a ?
asciilifeform: and why?
mircea_popescu: asciilifeform i can tell, you sound just like him.
asciilifeform: well sure.
asciilifeform: but this is an 'informal bug-ridden implementation' of message signing.
mircea_popescu: what, you just bathed in the same bath twice ?
asciilifeform: when i grunt on the impalement pole, i will probably not be able to deny these words either, to the inquisitor, for the same reason
asciilifeform: 'you sound just like him!'
artifexd: dubious? huh? how? the maths are the maths.
asciilifeform: hence the 'adverse identity' thing
asciilifeform: even if we have no sigs
mircea_popescu: asciilifeform i think you misrepresent the importance of this. currently, I can tell. *I*. Because i'm me, specifically. if you signed, so could preet.
mircea_popescu: you do not wish to make preet any gifts.
asciilifeform: sigs are pure win, for a creature like myself, just about everything that comes out of my mouth is 'signed' enough for inquisitor!
asciilifeform: why not sign for friends?
mircea_popescu: which is why this is an ircd fork rather than whatever, just apt-get it.
mircea_popescu: there is no such thing as "sign for friends" outside of the model detailed in my spec.
mircea_popescu: that's what that is. "signed, but for friends only"
asciilifeform: the only possible solution to preet signing as asciilifeform, or mircea_popescu, or whoever, is to pull the pin when he comes uninvited.
mircea_popescu: mno.
mircea_popescu: consider a bunch of chatlogs from gossipd presented in court.
mircea_popescu: "and then you said so and so" "um how you know this ?" "from node C" "well it lied to you"
mircea_popescu: "no it didn't!!1" "case dismissed" "but yur honor!!1"
asciilifeform: imho it is far from a sure thing that this will so much as add one drop of sweat to a usg inquisitor's work
artifexd: Your argument is that you WANT deniability?
mircea_popescu: artifexd my argument is that deniability must be baked in or not had.
mircea_popescu: and for chat it must be had. and so... it must be baked in.
artifexd: Hmmm.... this is not the project that I thought it was.
asciilifeform: mircea_popescu: there is another way to bake it in.
BingoBoingo: Even preet loses cases
mircea_popescu: artifexd it isn't ?
asciilifeform: mircea_popescu: consider: a subclass of private message where you ask a friend to pass along, to the 'room', some words.
mircea_popescu: asciilifeform aha ?
asciilifeform: explicitly proclaimed as 'not his own'
asciilifeform: the ears - can choose to believe, or not, naturally
asciilifeform: but this is inescapable
mircea_popescu: i don't follow.
asciilifeform: say mircea_popescu wishes to deniably utter the words 'brezhnev sucks'. he then asks me to utter, 'my friend, who wishes to stay unmarked, wishes to inform the ladies and gentlemen of this network that brezhnev sucks'
asciilifeform: we thus have a degree of deniability, about the same as in the case of no messages carrying signatures
mircea_popescu: artifexd suppose you don't reg your name, and someone comes in as artifexd and says things. should you be forced somehow to say if this is the case or not ?
mircea_popescu: asciilifeform i do not wish to stay unmarked.
asciilifeform: (contrieved example)
mircea_popescu: and i don't want "a degree" of deniability.
asciilifeform: as i reckon, same degree as the unsigned-message scenario
mircea_popescu: i want exactly what chat is : absolute deniability to the entire world, save your friends.
mircea_popescu: which is exactly how speech has functioned, since the dawn of time, to create what is known as the free world.
asciilifeform: 'absolutes' are tricky.
mircea_popescu: high time computers conform.
mircea_popescu: not with the spec as given, imo.
asciilifeform: let's work out, using spec as given in mircea_popescu's article: what does an inquisitor know about a particular utterance
asciilifeform: if he were to put a node in his pocket
asciilifeform: or a series of nodes
mircea_popescu: okay.
asciilifeform: to how many possible pubkeys (and presumably, but not automagically, people) can he narrow down the 'brezhnev sucks' ?
asciilifeform: (typically)
mircea_popescu: i dun see how that'd be answered.
mircea_popescu: but i also have little interest in fighting the narrowing down. that's not really a good use of time.
asciilifeform: that's what 'deniability' means, unless i catastrophically misunderstand the concept
mircea_popescu: well, not how i understand it at any rate.
mircea_popescu: deniability is "you X" "no."
*: asciilifeform is transported to grade school mentally
mircea_popescu: as far as it's in the form "either you or A X" the only answer is "i don't care."
asciilifeform: teacher: 'it was one of you boys'
mircea_popescu: "get something substantial and bother me again"
artifexd: How many connections to other servers do you imagine that you will have? You as in you mircea_popescu.
artifexd: 10? 60? 2000?
artifexd: 1?
*: asciilifeform gets a distinct impression that mircea_popescu is still thinking of the adversary as being bound by laws, courts, procedures of evidence-gathering.
mircea_popescu: artifexd anywhere between a few dozen and a few thousands.
mircea_popescu: asciilifeform i am not thinking of an adversary. i am designing things correctly.
*: asciilifeform rather thinks that this is a military matter, where adversary can afford to ransack and search 100 houses but not 100,000, and hence his gathering bits of info - matters
mircea_popescu: asciilifeform that's a subplot i dun wanna enter into now - this is complex enough as it is - but suffice to say i am persuaded such situations are thermodynamiocally bound to narrow timespaces.
*: asciilifeform would much like to hear more about this later
mircea_popescu: ie, the police state only exists now and again, when the state of technology is poor enough.
asciilifeform: naggum had a piece where he confessed to thinking of 'open source' as a weapon, purpose-built for the destruction of a particular evil (microshit)
asciilifeform: that will have to be re-shaped into something quite else (his words) when enemy is dead
mircea_popescu: artifexd a 1mbps connection, which is reasonably common in households, should be able to support maybe a few hundred connections.
mircea_popescu: then again, the number of people people know is, from memory 1-200.
mircea_popescu: admitting everyone's awake at the same time.
*: asciilifeform still can't escape the feeling that hypothetical apparatus is a weapon, at least for the time being, that must be sharp enough to penetrate a particular tough grizzly hide if it is to carry on to being whatever it was meant to be...
mircea_popescu: and admitting everyone known is known to the same, high degree to warrant a connection.
mircea_popescu: asciilifeform it's merely meant to put chat on a sane footing.
mircea_popescu: since we're fixing ircd, might as well actually do it.
asciilifeform: at the very least, one ought to have the option of (unobtrusively!) signing every line
asciilifeform: i am quite ready to ephemeralkey-sign every line i have uttered in #b-a.
mircea_popescu: i don;'t see what in the spec would prevent anyone from so doing.
asciilifeform: in no small part because i cannot really picture my impalement or reprieve as hinging on attribution of what i've said
artifexd: I would think that instead of a list of ip addresses you would have a list of pubkeys and each pubkey has one (or more) ip addresses assigned to it. When you start up gossipd, it calls out to all the ip addresses in the lists and says "I'm bob, proven by this signature. Prove you are alice, with cryptoproof". If the answering box responds appropriately,
artifexd: cool. Keep the connection. If not, dump it.
asciilifeform: why is it necessary to involve ip addresses ?
mircea_popescu: asciilifeform gotta route packets somehow.
mircea_popescu: artifexd this could also work, as a handshakey sort of thing, sure.
artifexd: As a currently running gossipd, if I get a connection request with "I'm bob. Here's proof", then I accept the connection and add that ip address to my list for that key. (For later connecting to him)
asciilifeform: let's say i communicate over courier.
asciilifeform: what is my 'ip address' then ?
mircea_popescu: spec was simpler on the assumption that since the helo package is keyed to the supposed key of the server, there's no need to challenge
mircea_popescu: if hje can decrypt it's him alright.
mircea_popescu: asciilifeform it touches the network somewhere.
artifexd: Sure. Then the handshake doesn't go both ways, but the information shared is the same. I know you have the key you say you have. You know I have the key I say I have.
asciilifeform: mircea_popescu: when i sign my 'hello' i will have no idea where it will enter the network.
artifexd: I add the ip address to the key so when I start up, I have a place (or places) to look for you.
asciilifeform: it is quite impossible to sign your ip address if you communicate via courier who may stop at one of sixteen ports.
artifexd: asciilifeform: You have to have some way of receiving return messages, right?
asciilifeform: not necessarily
asciilifeform: it could be my final message as boat goes down.
mircea_popescu: asciilifeform then put it in a pastebin
asciilifeform: sent - in bottle.
mircea_popescu: and someone will link it.
asciilifeform: out of band?
mircea_popescu: sure.
asciilifeform: why is this necessary?
mircea_popescu: cause you're tryin to shoehorn nonchat uses of a chat network.
mircea_popescu: so you're going to have to carry the shoe horn yourself.
asciilifeform: by way of a considerably simpler design
asciilifeform: (unitary hello+signature packet)
artifexd: Sure. I have no issue with that.
mircea_popescu: uh.
mircea_popescu: the helo as it is contains some signed material.
mircea_popescu:what would you sign ?
*: asciilifeform will, likely, happily play with whatever apparatus you folks come up with, but wishes that the choice be an informed one on the part of the implementers, rather than happenstance.
artifexd: Sign whatever you want. As long as the timestamp is recent.
mircea_popescu: artifexd so how is it different from the project you thouight it was ?
asciilifeform: artifexd: http://btcbase.org/log/?date=07-01-2015#967274 < < basic summary of the thing i was mainly on about.
assbot: Logged on 07-01-2015 01:22:05; asciilifeform: with udp, you can make the 'friend or foe?' decision upon receipt of a single (!) packet.
artifexd: I wasn't imagining so many direct connections.
mircea_popescu: artifexd well, dunbar's number as a general rule.
artifexd: I had imagined few connections, more routing.
mircea_popescu: should fit on consumer box.
mircea_popescu: if anyone runs a mega node, his hardware is his problem
artifexd: I had imagined #b-a but where everyone is ident'd all the time. No impersonating anyone else is remotely possible.
mircea_popescu: this would fit, if you cared to make it fit
mircea_popescu: currently therte's 140 people here.
*: asciilifeform also formed this impression.
mircea_popescu: so... yes.
artifexd: I start up my little process, it makes a connection to one or eight other people and it just works through the magic of maths.
mircea_popescu: nah. too easy to attack that graph.
asciilifeform: who among those present, other than mircea_popescu, wishes to be impersonateable (deniable) by default ?
artifexd: Not I
asciilifeform: not 'democratizing', just probing waters
mircea_popescu: what's the big deal ?
mircea_popescu: i am impersonated all the time, on all sorts of venues.
asciilifeform: mircea_popescu: and you like it ?
mircea_popescu: i have enough experience with it to know it does \exactly nothing.
asciilifeform: i, for one, would much prefer to have there be not the slightest chance that a fuckwit claiming to speak as me, but sans my key, can be believed
artifexd: I think you're accused of being other people more often than you are impersonated.
mircea_popescu: asciilifeform believed is one thing.
mircea_popescu: artifexd this is possible lol. but also a large number.
artifexd: asciilifeform: That is my desire as well
mircea_popescu: it won't be believed (meaningfully).
asciilifeform: will be believed by sufficiently many otherwise-clueful folks
mircea_popescu: what people who have no clue believe resting squarely outside not of your control, but THIS WORLD.
asciilifeform: because signatures are so rare.
mircea_popescu: perhaps this is what irks, such a clear statement of that inconvenient (but nevertheless true) fact
asciilifeform: if signatures were expected, impersonation would be strictly a preet-stole-key-and-i-didnt-pull-pin-in-time matter.
mircea_popescu: like in the case of rg ?
artifexd: What is "preet"?
mircea_popescu: this is an illusion.
asciilifeform: artifexd: an infamous judge where i live
asciilifeform: artifexd: 'kangaroo court'
asciilifeform: artifexd: he specializes in high-profile show trials. quite like roland freisler (top judge in 3rd reich)
mircea_popescu: artifexd the roland freisler of our times, preet bharara. crown's prosecutor for southern ny / rico conspiracy lynchpin.
artifexd: ok
mircea_popescu: lmao that sounded like a divisive question.
asciilifeform: mircea_popescu: is it merely my puny brain, but i still don't grasp the 'signed-default is bad because preet can steal a key.' if preet gets a hold of my key, he may as well have put a bullet through my hide, stuffed the corpse, and proceeded to live on as it
asciilifeform: signed gossipd or not.
mircea_popescu: for my curiosity, people who run torrents : how many connections is common ? 10 ? 20 ? 40 ? 80 ? 160 ?
asciilifeform: depends on torrent for what.
mircea_popescu: asciilifeform not because "preet can steal a key"
mircea_popescu: i just meant, generally. i dun care for what, trying to see how this works in practice.
artifexd: The torrents that I have run get 15-20 connections
asciilifeform: just strikes me as a peculiar retreat from the whole 'let's bring an end to eternal september' thing
mircea_popescu: it's exactly that tho!
mircea_popescu: it actually puts an end to it.
asciilifeform: how?
asciilifeform: as it is, you're relying on the next hop node's operator to sign your words.
mircea_popescu: suppose you're an average derp. what do you do ?
asciilifeform: watch tv until die ?
mircea_popescu: problem solved, september ended.
mircea_popescu: i meant, what do you do to gossipd obvbiously.
asciilifeform: hm
asciilifeform: cajole a 'l33t3r' friend to give you an 'in', perhaps
mircea_popescu: asciilifeform then you piss me off, i frown at your friend, you're out.
asciilifeform: what did 'derps' do in 1991 ?
mircea_popescu: you made it 3 days.
mircea_popescu: now what ?
asciilifeform: this is the ideal working of the scenario, yes
mircea_popescu: ok, i frown at your friend, he demures, i delink him, you both are out.
mircea_popescu: 2 derps, 3 days.
asciilifeform: in practice, derp can often masquerade as simply an underenthusiastic or overworked 'actual person' for a spell.
mircea_popescu: ok...
mircea_popescu: in practice derps never manage this, if we're to go by history, but anyway.
asciilifeform: just recalling various guests in #b-a, and how long it took each to work his (often her) way out of the alimentary canal
mircea_popescu: who, specifically ?
*: asciilifeform digs log
asciilifeform: saffron
asciilifeform: ?
mircea_popescu: as far as i recall, for as far as my own chatlog is concerned, it took them exactly an hour longer than it took me to decide it's enough.
asciilifeform: indian candy
mircea_popescu: now, why shouldn't this be the situation to everyone ?
mircea_popescu: i wouldn't mind seeing either of those.
asciilifeform: merely examples of people who took weeks, rather than days
asciilifeform: aha but walked off rather than killfiled
mircea_popescu: was thinking more like xmj and his ilk.
asciilifeform: aha right
asciilifeform: better example
asciilifeform: or, what if herr pankkake had made things more difficult by slowly doing... his thing, rather than swapping uniforms in one fell swoop
mircea_popescu: i dun see how any of these are serious avenues to attack gossipd.
mircea_popescu: literally, all it takes is a one line edit.
asciilifeform: not so much 'attacks', but i for one was hoping to see this experiment as a beginning of the 'wot internet'
mircea_popescu: so it is.
mircea_popescu: imo, quite exactly.
asciilifeform: where eventually derps will not be able to send a packet, period.
mircea_popescu: but it's EXACTLY what it is!
asciilifeform: not if individual quanta aren't signed
mircea_popescu: they still need a friend to let them in.
asciilifeform: in mircea_popescu's current scheme, they still are signed, i'll point out. but ad-hoc, by the next hop node
mircea_popescu: you understand this ? nobody can police a list of 2bn ip addresses.
mircea_popescu: anyone can police the 200 people he himself knows.
asciilifeform: keys
asciilifeform: not people. or ip addresses
mircea_popescu: same thing.
mircea_popescu: blacklisting doesn't work, and whitelisting should be done locally, and responsibly.
*: asciilifeform does not disagree with this at all
mircea_popescu: but you disagree with the implementation of ewxactly this ?
asciilifeform: just not really grasping why we need the 'deniability' thing.
artifexd: nor I
asciilifeform: it seems to fly in the face of better-living-through-crypto
mircea_popescu: it's odd because to me it seems exactly opposite.
mircea_popescu: as in, why add clunk that actually harms and hinders, except to perpetuate what we generally agree is a harmful meme.
asciilifeform: how is message-is-standalong-quantum-that-traverses-the-net-on-its-authors-signatures-merits added clunk ?
mircea_popescu: excactly like that.
asciilifeform: *standalone
artifexd: Other than some extra bytes, how is it clunk? How does it harm or hinder?
mircea_popescu: ok, let me try and make the whole story.
mircea_popescu: currently : 1. friend to friend relations are entirely cryptographically secured. 2. unknown-to-unknown relations are not secured, and must proceed through a friend of either party to even happen.
mircea_popescu: what you propose : 1. friend to friend and unknown to unknown relations are the same thing.
*: asciilifeform is at a loss to see how this follows
artifexd: Uh... no.
mircea_popescu: this harms because : it gives unknowns a weight they should not have ; it removes the incentive for users to police at their local level ; it allows third parties to construct undeniable chatlogs that they had no business in.
mircea_popescu: anmd there's plenty more, but srsly... how much is needed.
asciilifeform: incidentally, in no holy book is it written that a pubkey is readily pinnable on a particular creature walking this earth
mircea_popescu: so ?
asciilifeform: one can have 'anonymity' or 'deniability' or whatnot, as commonly imagined, at the same time as signed-everything
mircea_popescu: and when you say no what do you mean no.
artifexd: It doesn't give weight to unknowns. It gives continuity do unknowns should they desire it.
mircea_popescu: asciilifeform not naturally.
mircea_popescu: artifexd that is weight.
mircea_popescu: the existence of unknowns should be entirely at the mercy of the knowns. no exceptions and no way out.
asciilifeform: mircea_popescu: by what mechanism do 'unknowns' transmogrify into 'knowns' in your cosmography ?
mircea_popescu: by whatever mechanism anyone chooses to use.
mircea_popescu: THEY have no power,
mircea_popescu: which is to say no obligatory mechanism exists.
artifexd: No. It is continuity. I assign weight to what they say by my judgement. They assign continuity to what they say by signing it.
mircea_popescu: artifexd it is not up to them. it is up to you.
mircea_popescu: the moment you add them to your list, they have continuity.
mircea_popescu: before that , they are ephemereal.
mircea_popescu: not their option. yours.
asciilifeform: mircea_popescu: at present time, an 'unknown' can generate a pgp key and carry on 'continuity' with it over whatever channel. we can't exactly prevent it
mircea_popescu: because we don't work for the group here. we work for the individual.
asciilifeform: nor have any good reason to try
mircea_popescu: asciilifeform this is a problem
artifexd: it allows third parties to construct undeniable chatlogs < < while true, I don't see the issue with it
mircea_popescu: it is not an advantage.
asciilifeform: and here is where i'm puzzled
asciilifeform: how not advantage
mircea_popescu: artifexd i do. it's the equivalent of making a weirdo reality where anyone who eavesdrops also has a recording device.
mircea_popescu: none of their fuckinbg business. if they weren't invited to participate they can not RELY on the discussion.
mircea_popescu: not to the detriment o the participants, in any case.
asciilifeform: but, carrying on with the analogy, recording machines exist.
asciilifeform: this is like a late-medieval knight wishing that cannon had not existed.
asciilifeform: fact is, they do
mircea_popescu: no. making it not exist.
mircea_popescu: fact is, they only do if you wish to implement them. i do not.
mircea_popescu: i don't see much has improved since the recording machine era. do you ?
asciilifeform: if specifically aiming for anonymity, deniability, one ends up designing a widget akin to 'tor'
asciilifeform: is this the intended shape ?
mircea_popescu: this specifically aims for reconstructing sane chat, online.
asciilifeform: i won't argue that a working 'tor' would not have its uses, but it is a very different animal from an 'adult' rebirth of internet circa 1989
mircea_popescu: rather than some conveniently diddled , horrible implementation designed for the needs of the nsa
mircea_popescu: (more generally, of the state)
*: asciilifeform sees the genuine dilemma here. but sees it as a dilemma, not an open-and-shut case in favour of soft-anonymity
mircea_popescu: do tell.
mircea_popescu: i dun see any sort of dilemma.
asciilifeform: mircea_popescu does not like the notion of nsa goon having a non-deniable tape of anything he catches. (i don't much, either...) asciilifeform does not like that it is generally customary to speak unsigned, and thereby nsa goon can put words into his mouth, and a certain number of people will believe them
mircea_popescu: what the clueless "believe" can not ever be your concern.
mircea_popescu: it is folly to even consider this point. focus on what is within your control.
asciilifeform: it is when they lead me to the electric chair
mircea_popescu: not even then.
mircea_popescu: a screening of "a man for all seasons" is in order here.
asciilifeform: until the magic dawn when the last idiot is strangled with the guts of the last scammer, there will be ones who believe the crap.
mircea_popescu: quite exceptional walk through the very points involved.
mircea_popescu: asciilifeform that is neither here nor there.
mircea_popescu: fundamentally your argument reduces to a deep seated "all peoples matter"
asciilifeform: how ?
mircea_popescu: to the tune of monty pytrhon's every sperm is sacred. no, they do not.
asciilifeform: this inference is perplexing. i don't see how it follows.
mircea_popescu: asciilifeform because whythe fuck do you care what some people you doin't know say on any topic ?
asciilifeform: how does a bomzh, stinking in the street, who happens to have generated a pgp key, 'matter' ?
mircea_popescu: well since you're concerned with what he might say or believe, it seems he does.
asciilifeform: i'm concerned only in the particular corner case that he is actually my friend, who has been reduced to that condition by malefactors, but still remains in possession of his key.
mircea_popescu: i do not care what "buts" and "ifs" you add.
mircea_popescu: what remains is... you are concerned.
asciilifeform: i'd say 'generic bum' and 'mircea stripped of his clothing and cast adrift in shanghai' are different scenario, no ?
mircea_popescu: so how is this germane ?
mircea_popescu: obviously, if we're connected, you know my key.
mircea_popescu: at issue is your proposal to make this a reality for people you don't know.
asciilifeform: nope. i fully understand that the latter is neither possible nor desirable
mircea_popescu: so then what is the dilemma ?
asciilifeform: 'who signs'
mircea_popescu: you know my key, you directly verify my client is signing correctly, what is keft ?
mircea_popescu: left*
asciilifeform: in the scheme as presently described, your client is also signing (for the record of the hypothetical nsa goon, among others) a fairly arbitrary set of messages.
mircea_popescu: it is not signing them, no.
mircea_popescu: it is merely passing them along.
asciilifeform: it signs the session whereby they are given right to travel the net
mircea_popescu: "this is what i heard"
asciilifeform: well, yes
mircea_popescu: that, it does. but it makes no representation they are from me.
mircea_popescu: in fact, it speciically says they are not.
asciilifeform: and what is the intended mechanism for propagating a message which -does- make this claim ?
asciilifeform: laborious external signature, as at present time ?
mircea_popescu: for instance.
mircea_popescu: or, if you prefer, elevating the source to the rank of a connect.
mircea_popescu: thereby doing it all automatically.
asciilifeform: please briefly describe 'rank of connect'
mircea_popescu: the same relation as between you and me, in the scenario.
mircea_popescu: you have his key in the initfile, and so on.
asciilifeform: mircea_popescu: the tidbit that escapes me is how you came upon the idea that default-signed would empower, rather than lower into pederasty, the 'anonymous derp'
mircea_popescu: well that's the clou of the entire thing now innit.
asciilifeform: aha
asciilifeform: if i can grasp this, perhaps it will all make sense to my head.
mircea_popescu: i think i explained it half a dozen different ways, to exhaustion, but am at a loss as to why what seems obvious is not communicating itself.
mircea_popescu: let's go the other way. why do you think it would so lower them ?
asciilifeform: did i misunderstand, or did you say earlier that it would be a good thing if the street bomzh could not use pgp ?
asciilifeform: (and gain continuity thereby)
mircea_popescu: ok, let's work a different way. let us compare two scenarios.
mircea_popescu: in both cases, we are discussing user Panopticon, who sees all and says nothing. now, in spec as is, it is true that user P will know... nothing. correct ? whereas in your proposed spec, he would know... everything. correct ?
mircea_popescu: how is giving the bum EVERYTHING lowering him in any sense ?
asciilifeform: everything ?
mircea_popescu: and whence and wherefore should he have anything but nothing ?
mircea_popescu: well yes. all the signed chats of everyone = everything. absolutely as 1 = 1.
asciilifeform: if he truly knows 'everything', he can unmask the 'deniable' speakers likewise.
artifexd: I guess I like the default sign because I see myself as Panopticon. I don't talk much. But I watch and listen. Default-sign helps me.
asciilifeform: no need for signatures.
mircea_popescu: artifexd you might discover it hurts you, much like the low level usg employee who thinks the fed helps him would soon discover his lot would be better without that bit.
mircea_popescu: asciilifeform how ?
asciilifeform: if he truly knows 'everything' he can elementarily determine which earthly carcass crapped out which words.
mircea_popescu: not so.
mircea_popescu: for all he knows, they're all in cahoots, sending him lulz.
mircea_popescu: he can not determine this.
asciilifeform: presumably some earthly not-quite-everything was meant, rather than a 'divine' Everything
mircea_popescu: everything in the network duh.
asciilifeform: then mircea_popescu is correct
asciilifeform: hitler does know considerably more under the all-signed scenario than alternative.
mircea_popescu: more importantly, hitler IS a lot more in that than he would be in this.
asciilifeform: but if we actually want to go in that direction, the logical result is a gadget like 'tor', with bounces, mixes, etc.
asciilifeform: rather than lukewarm step in that direction, no?
mircea_popescu: this is paid for, somewhere, by someone. who is paying but me ? even if i can't show where it leeches me, it does. why should i ?
mircea_popescu: there's nothing lukewarm about this.
mircea_popescu: it is, unlike the tor etc bs, actually efficient.
asciilifeform: just seems like an attempt to build a stove-refrigerator hybrid. yes, can be done, yes, in some sense these are complementary machines. but - challenge.
mircea_popescu: nothing of the kind.
asciilifeform: (combination of 'tor'-like apparatus with 'wot', in particular)
mircea_popescu: the tor bs is an attempt to "fix" in implementation problems to whose existence it not merely contributes, but moore! whose existence it actually postulates.
mircea_popescu: it is fundamentally broken and will never work exactly because it simply presumes the adversary wins.
asciilifeform: speaking of the 'platonic' tor, rather than the cthonian horror of the actual proggy
mircea_popescu: wheras as proposed, gossipd makes the enemy outright impossible.
mircea_popescu: not even deliberately, just, as a side effect.
mircea_popescu: asciilifeform even the platonic.
mircea_popescu: structure it and i'll show you how it assumes it.
asciilifeform: well, 'platonic tor' is simply that a large number of people agree to 'play non-broken telephone' between me and a destination.
asciilifeform: thereby obscuring the existence of the conversation, within certain limits.
mircea_popescu: a destination you know nothing about.
asciilifeform: a destination you may or may not know something about out-of-band
mircea_popescu: so the fundamental statement is "the group is more important than the individual"
mircea_popescu: and you wish to know why it is broken by design ?
mircea_popescu: that's why.
mircea_popescu: once that's in there, of course fucking nsa.
asciilifeform: (e.g., i may know that it is a machine at ip p.q.r.s with rsa pubkey K)
asciilifeform: well yes. nsa comes inevitably in because you are trusting three strangers whom you know nothing about, to form the circuit.
mircea_popescu: derp.
mircea_popescu: now apply the same analysis to gossipd.
asciilifeform: gossipd proposes a scheme more akin to the traditional 'cell' organizations of revolutions, etc
asciilifeform: (i dare suggest that a node be referred to as 'cell', for extra lulz)
mircea_popescu: quite.
mircea_popescu: historically, the closer a relation, the more direct.
asciilifeform: aha
mircea_popescu: this is not some sort of random contrivance of boredom.
asciilifeform: it is the inevitable construction that stands.
mircea_popescu: this is specifically because, historically, the individual is more important than the group
asciilifeform: like bridge truss.
asciilifeform: (triangles)
mircea_popescu: which is how humanity managed to inch its way to this sad time when it's about to kill itself a thousand different ways
mircea_popescu: all born the same stupid place.
asciilifeform: which, in this context, place ?
mircea_popescu: "group is more important than individual"
mircea_popescu: a mental place.
asciilifeform: ah that.
mircea_popescu: myeah
artifexd: This pretty much prevents one-way relationships, right?
artifexd: If you and I are online, unless we are both in each other's list, we will never direct-connect.
mircea_popescu: this part is finnicky. it shouldn't, ideally, but i don't see how it could be done.
artifexd: We have to both agree to trust each other.
mircea_popescu: right.
mircea_popescu: more importantly, connections on the internet don't work unilaterally.
mircea_popescu: so im guessing this is going to be forced by the medium.
artifexd: They do via UDP
mircea_popescu: if we were onm a purely broadcast network, it'd work right
mircea_popescu: myeah.
mircea_popescu: but udp is hard.
artifexd: No argument
mircea_popescu: im not entirely sure it is actually to any purpose important.
asciilifeform: udp is trivial!
asciilifeform: damnit.
asciilifeform: tcp is hard.
mircea_popescu: tcp is hard to employ usefully.
artifexd: upd is trivial for sending information if you don't care if they received it
artifexd: If you want a back and forth connection, you end up duplicating tcp yourself.
asciilifeform: artifexd: for sufficiently simple quanta, it is very easy to 'verify received' without duplicating all the cruft of tcp.
mircea_popescu: artifexd you will notice the spec is broadcast-oriented.
mircea_popescu: you don't really need to hear anything back from anyone.
*: asciilifeform believes the future to hold many one-way links
asciilifeform: shortwave radio, castaway bottles, obelisks.
mircea_popescu: artifexd nevertheless, since output is always encrypted to a key,
mircea_popescu: unilateral relations are really hard.
mircea_popescu: (i mean, as opposed to soft. it's not like twitter, follow X. it's the opposite, "send to X")
decimation: it occurs to me that one ought not design low level features into a communication system unless absolutely necessary
mircea_popescu: this about which bit ?
asciilifeform: decimation: that particular point of contention was about a kind of thing not readily retrofitted.
asciilifeform: it is a grave misconception that 'anything can be retrofitted.'
asciilifeform: if it were so, existing net protocols would suffice...
mircea_popescu: asciilifeform explain transsexuals then.
asciilifeform: decimation: http://btcbase.org/log/?date=07-01-2015#967274
assbot: Logged on 07-01-2015 01:22:05; asciilifeform: with udp, you can make the 'friend or foe?' decision upon receipt of a single (!) packet.
asciilifeform: transsexuals ?
mircea_popescu: they get gender bits retrofitted. it's a joke.
asciilifeform: lol
asciilifeform: actually very pertitent
asciilifeform: good example of clumsy and very threadbare attempt at 'retrofit'
mircea_popescu: and impertinent at the same time!
asciilifeform: l0l
mircea_popescu: i might be especially thick, but i don't actually understand what decimation is saying.
mircea_popescu: which is the low level function ?
decimation: this was from a paper that was written by folks who designed early 80's network protocols
decimation: http://web.mit.edu/saltzer/www/publications/endtoend/endtoend.txt
*: asciilifeform happens to be a crackpot specializing in the subject of 'abstractions being interchangeably paperable over is a mega-lie, foundations matter forever'
asciilifeform: you will -never- get single-packet friend-or-foe with tcp or tcp-like apparatus.
asciilifeform: (nor an immediate transposability to shortwave/message-in-bottle)
decimation: I don't see why one couldn't route ircd on top of ascii's udp-wot-internet
decimation: (the new ircd being proposed here)
mircea_popescu: ah ah that's what you mean.
mircea_popescu: yes, once that happens, they could.
mircea_popescu: not before tho.
mircea_popescu: decimation did you actually read the whole discussion ?
decimation: I did. I find myself liking ascii's hardened bedrock
asciilifeform: hypothetical, sadly, bedrock
mircea_popescu: decimation how was the experience ?
*: asciilifeform does not have a battlefield-ready apparatus to offer
decimation: it was a good discussion, I also found it stimulating
decimation: but I do see the problem of broadcasting signed messages everywhere
mircea_popescu: cool.
adlai: is this udp-over-wot concept "too long to fit in the margin", or have you sketched something about about it somewhere?
asciilifeform: adlai: described it at some length in #b-a at various points in the past month; also in a few comments on mircea_popescu's site.
decimation: the interent, as exists, is like tor - in the sense that the group is trying to solve the individual's problem
asciilifeform: adlai: must note that it is originally entirely unrelated to mircea_popescu and artifexd's project
decimation: the only real method of escape is layer 1 routing
asciilifeform: !s udp
assbot: 22 results for 'udp' : http://s.b-a.link/?q=udp
asciilifeform: enjoy
mircea_popescu: !s udp from:asciilifeform
assbot: 12 results for 'udp from:asciilifeform' : http://s.b-a.link/?q=udp+from%3Aasciilifeform
adlai: sure, this "ircd" thingy is just the latest in an uncoordinated herd of attempts to attack this same general problem
asciilifeform: adlai: the way i understand it, we have at least three people right here who came up with very similar - but different in important respects - attempted solutions.
*: adlai . o ( one could say that mpex simulates udp on top of tcp )
mircea_popescu: one could say that, and be uncharitable.
adlai: not enough "quantum"?
mircea_popescu: lol
asciilifeform: mpex was not the inspiration for my version of the concept, but was the impetus for my coming to believe that it is buildable and worth confessing to people about
adlai: how so?
asciilifeform: proving the point that stateless, medium-agnostic 'connectionless' comms are the only solid way to go.
adlai: I guess it's an example of something which could work equally well over udp, and just happens to use tcp for convenience
...and shortly thereafter
ben_vulpes: asciilifeform i like 'unscannable for', not because of any derping re: 'anonymity', but from sheer delight in the morale hit to enemy < < this one in particular
ben_vulpes: mircea_popescu [] and if i am in your list and you in mine the same is preserved by gossipd. < < means that if you want everything you say on the record, operate a server for your identity.
ben_vulpes: how to preserve the serenissima log semantics though? if all "chat lines" are wholly deniable, the notion of a public forum in which to do business publically falls apart.
ben_vulpes: it only works for us, and sort of right now (?!?!?) because once upon a time assbot relied on the "authedness" of users via the "gribble" service.
ben_vulpes: asciilifeform [] that is an ad-hoc, bug-ridden reimplementation of the blockchain! < < yeah but only half
mircea_popescu: ben_vulpes how does it fall apart ?
ben_vulpes: how does it maintain any sort of relevance, if it can be polluted by...
ben_vulpes: ah i guess the log only makes sense as maintained by someone in a wot
mircea_popescu: by ?
mircea_popescu: take the eutherium short as a good working example.
mircea_popescu: this identity, which may be me unless i deny it, proposes he will sign a contract so and so.
ben_vulpes: by anyone who cares to transmit with a bogus "from"
mircea_popescu: you agree to the terms.
mircea_popescu: the contract is forthwith produced.
mircea_popescu: now it's unrepudiable.
mircea_popescu: no contract appears. well... now you cantell whoever you see me through that wtf is this bs.
mircea_popescu: seems perfect.
ben_vulpes: i was commenting at the point in the discusison at which messages were unsigned. did messages become signed?
mircea_popescu: it is also EXACTLY how it worked,
mircea_popescu: except once the few derps flaked, i had nobody to complain to.
mircea_popescu: ben_vulpes no but recall the thing itself i refer to. a pastebin contract was in fact proferred.
ben_vulpes: sure
mircea_popescu: that.
ben_vulpes: forgive the dunce cap hanging over my eyes, but i'm entirely failing to see how this makes for an unrepudiable log of the forum.
mircea_popescu: it does not.
mircea_popescu: it only makes for an unrepudiable log of what matters.
ben_vulpes: "what matters" < < to a keyset though, not "to everyone"
mircea_popescu: because "everyone" does not matter.
mircea_popescu: no more overhanging mega-group.
mircea_popescu: people. just and only.
ben_vulpes: not a record of all strings sent to "#b-a", but a record of all strings sent to "#b-a" as seen by the lN of "assbot".
mircea_popescu: that exists, for each item in l(N).
mircea_popescu: and for them only.
*: mircea_popescu finds it funny how the same one stump trips erryone.
ben_vulpes: asciilifeform [] probably quite a few folks. but the thing that distinguishes fermat from wot is that wot needs to be at least quasi-'hot' to really work as intended, imho. < < strikes me that a series of "rating" messages should be parsed to build a rating history.
ben_vulpes: asciilifeform [] i won't argue that wot moves ought to be retained for all eternity; but will say that some automatic caching is necessary < < wotchains, perchance?
mircea_popescu: wots are trivially doublespent. as part of normal functioning.
BingoBoingo: mircea_popescu: Yeah. the skeleton in the RFC wasn't as revealing as the conversation was. gossipd putting the emphasis on Relay in IRC
...and still later
artifexd: mircea_popescu: Regarding gossipd, do you have any preference for the data flowing over the wire as binary or text?
artifexd: Binary would mean shorter messages because fingerprint a would only take up 20 bytes (instead of 40) and keys would not have to be armored. Text would make the flow easier to read/debug but the data would necessarily take up more space.
jurov: artifecd did you research some existing ideas?
jurov: i liked http://twistedmatrix.com/documents/8.2.0/api/twisted.protocols.amp.html but did not try it in practice
assbot: twisted.protocols.amp : API documentation ... ( http://bit.ly/14pFQG2 )
asciilifeform: artifexd: text?! wtf
asciilifeform: jurov: and what is that gnarly pythonism.
*: asciilifeform wonders if he woke up in some alternate universe #b-a full of www-dev folks
mircea_popescu: artifexd it's always encrypted, so what do you mean text ?
...and still
ben_vulpes: asciilifeform [] hitler does know considerably more under the all-signed scenario than alternative. < < your sought "morale hit"
asciilifeform: ben_vulpes: i did, later, grasp mircea_popescu's deniable-transmission algo
ben_vulpes: gossipd when
mircea_popescu: as soon as artifexd gets exactly drunk enough ?
asciilifeform: ben_vulpes: trick is that two directly-connected cells may as well be exchanging signed msgs. but relayed msgs (in, e.g., cells a -> b -> c, from a to c) are 'gossip' - that is, 'deniable.'
mircea_popescu: asciilifeform precisely
ben_vulpes: clever, neh?
ben_vulpes: i imagine we'll all be running our own cells initially.
mircea_popescu: permanently ?
asciilifeform: ben_vulpes: how do you propose to use the hypothetical gizmo without running a cell ?
mircea_popescu: i suppose once webchat is enabled you could use that.
ben_vulpes: how does someone relay a message to a cell and from a cell to another cell?
mircea_popescu: dude just read it first lol;
mircea_popescu: ask after.
asciilifeform: ben_vulpes: manually configured peers
asciilifeform: ben_vulpes: do read mircea_popescu's article, it is very concise.
ben_vulpes: forgive the extremely poorly articulated comment.
ben_vulpes: i imagine a steady-state future where people operate gossipd cells in much the same way that ircd's are operated on fleanode.
asciilifeform: ben_vulpes: rather more like bitcoin - in that you introduce messages into the net by loading them into your own cell
asciilifeform: which then propagates to your peers
ben_vulpes: asciilifeform: https://blockchain.info/pushtx
asciilifeform: (i forget if this was mircea_popescu's terminology in the original article, or not)
asciilifeform: ben_vulpes: aha but you cannot really have this, unless you - in particular - or one of your peers - wants to create a public toilet for spam and give it peerage
ben_vulpes: it *will* happen.
ben_vulpes: the structure of the thing implies many wots.
asciilifeform: if one carries on with such, may find himself on a rather smaller and lonelier gossipnet
asciilifeform: than before.
ben_vulpes: doubtful, see the ever prolix reddit.
asciilifeform: incidentally i don't recall if any of you lot suggested this, but: max-graph-degrees knob.
asciilifeform: for when you want a 'louder', 'more new blood' sort of experience - crank clockwise.
asciilifeform: for the radio aficionados among us, let's call it 'squelch'
mircea_popescu: ben_vulpes there's no value in imposing values for poeople.
mircea_popescu: just as long as i can isolate the redditd from my machine, the people who want to be in there are more then welcome to their own choices.
mircea_popescu: freedom is this, not something else.
ben_vulpes: i'm not suggesting any values be forced on anyone.
mircea_popescu: asciilifeform i thought it's implicit in the spec, in the "receiver decides if to relay" : you can configure a client to pass, to user or other clients, whatever you wish
asciilifeform: mircea_popescu: in a way, it is. but sort of left as an exercise.
mircea_popescu: yea. well honestly most everything is so left.
mircea_popescu:ben_vulpes granted. i just mean... so they do,more power to em.
*: ben_vulpes intends to run an open relay node - openly disclosed as such for those in the mood to twiddle knobs
ben_vulpes: cell, excuse me.
mircea_popescu: sure
Thursday, 8 January 2015
Hey, thanks for that. All 111911 bytes of it.
Sunday, 11 January 2015
From: http://btcbase.org/log/?date=11-01-2015#972804
artifexd:mircea_popescu: can you elaborate on "a pgp-signed document by the for key certifying the validity of the IPs public key with an expiration unixtimev in case the for field differs and a nickname"?
mircea_popescu:artifexd i can. what specifically ?
artifexd:I don't understand what you mean
artifexd:All the words make sense but when you put them in that order...
asciilifeform:artifexd: may help to read a certain thread:
asciilifeform:!s ephemeral key
assbot:13 results for 'ephemeral key' : http://s.b-a.link/?q=ephemeral+key
ben_vulpes:asciilifeform: consider it an otherwise unremarkable arrowhead from the dig
mircea_popescu:let A connect to B. let A pass a message to B in the format "A for X, sup". B must find in the hello message through which A connected to it a document where X signs A's privkey,
ben_vulpes:me i'm just fascinated that the savages can bang such arms together with basalt and obsidian
asciilifeform:artifexd: generally, one ought not to connect one's wot private key to an automated, net-live apparatus. hence you sign another key with it, and use that.
mircea_popescu:that document must include a unixtime indicating expiry.
artifexd:What is the format of said document?
mircea_popescu:your problme.
asciilifeform:artifexd: the signature itself will almost certainly start life as a gpg output.
ben_vulpes:artifexd: formal grammar!
ben_vulpes:ignore me
mircea_popescu:formally or merely, ben_vulpes ?
asciilifeform:ben_vulpes is volunteering to write a backus-naur grammar ?
ben_vulpes:'twas an exhortation to make a bnf
artifexd:I am currently using pointers to exported key files instead of trying to shoehorn keys into config files.
mircea_popescu:baccus moar like it, amirite.
ben_vulpes:mircea_popescu knows my format :P
mircea_popescu:artifexd pointers, what kind ?
artifexd:filename
mircea_popescu:seems you're shoehorning the filesystem into it instead ?
Sunday, 11 January 2015
Thanks for that!