[p2p-hackers] Re: [decentralization] The Content-Addressable Web

Zooko zooko at zooko.com
Thu Oct 25 13:52:01 UTC 2001


  [Everyone please note that this thread is being crossposted to p2p-hackers,
   decentralization and bluesky.  Only subscribers can post directly to
   p2p-hackers, but messages from non-subscribers get forwarded to me for
   approval.  --Zooko http://zgp.org/mailman/listinfo/p2p-hackers/ ] 

Lines prepended with "> > > " were written by Justin Chapweske.
Lines prepended with "> > " were written by Mark Baker.

> > > While any kind of URN can be used within the Content-Addressable
> > > Web, there is a specific type of URN called a "Self-Verifying
> > > URN" that is particularly useful. These URNs have the
> > > property that the URN itself can be used to verify that
> > > the content has been received intact. It is RECOMMENDED
> > > that applications use cryptographically strong self-verifying
> > > URNs because hosts in ad hoc CDNs and the Transient Web
> > > are assumed to be untrusted. For instance, one could hash
> > > the content using the SHA-1 algorithm, and encode it using
> > > Base32 to produce the following URN:
> > > 
> > > urn:sha1:RMUVHIRSGUU3VU7FJWRAKW3YWG2S2RFB
> > 
> > That's an invalid URN, AFAIK.  There's no authority.  All URIs
> > need an authority to vouch for the identity.

This is surely the most pernicious myth about naming: that it is impossible to
verify the correctness of a mapping yourself and you are doomed to trust in
some external authority who will tell you the answer.

There are two counterexamples: names that are a deterministic function of the
content (which Freenet calls "Content Hash Keys" or "CHKs") and names that
include the ID of a public key in the name, so that you can check a digital
signature on the content (which Freenet calls "Sub-Space Keys" or "SSKs", and
the Self-Certifying File System[1] calls "names").


I think this is an extremely important point.  IMO the only part of "p2p" which
is really revolutionary is the potential for "cooperation without
vulnerability" -- two agents live on opposite sides of an unbridgeable trust
boundary who are still able to interoperate and cooperate.

I'm going to say it again:

The most important concept in the whole field of the "p2p" or
"decentralization" or whatever you call it is the concept of "cooperation
without vulnerability".

The most important component of infrastructure that we lack right now in order
to enable cooperation without vulnerability is a name service which uses
self-authenticating keys so that no agent is ever vulnerable to deception with
regard to what object a name should map to.

Regards,

Zooko

http://zooko.com/

[1] http://fs.net/




More information about the P2p-hackers mailing list