[p2p-hackers] part 2: proxying and introduction: the two fundamental operations of emergent networks

[coderman]

Lucas Gonze wrote:
>
> ...
> 
> There are a zillion archived and searchable publication nodes.  A node could
> ship with knowledge of a Google search string, an Altavista search string, a
> list of discussion group search URLs, etc.  Just a big list of URLs and some
> prior knowledge of what to do with each.  These don't have to on the web, they
> just have to be reachable in some way.  Newsgroups, ftp sites, DNS records,
> online classifieds, IRC...   anything that can accept and publish data.
> 

I had actually thought of using this method.  I put up a page with a well
defined string 'ALPINE_BOOTSTRAP_HOSTS' and let google get around to crawling it.

Once indexed, anyone could put up a page with 'ALPINE_BOOTSTRAP_HOSTS' and if
google got to it, it would eventually be locatable by a client for use with
bootstrapping some peers.  This would then kick off the transitive introduction,
and so it should only be needed once.

Example:
http://www.google.com/search?q=cache:FAVsZne1Lao:cubicmetercrystal.com/alpine/bootstrap_hosts.html+ALPINE+BOOTSTRAP&hl=en

I took this page down, and decided against this method because the relevance
metrics used by search engines can be abused.  I dont know how likely it would
be, but a malicious party could place a highly linked page up that only lists
rogue endpoints.  (perhaps the RIAA wants peers connecting to their snooping
servers?)

It is an interesting idea, and perhaps coupled with some kind of assymetric/
public key encryption could be inplemented in a secure fashion.

I.e. All pages need to be authorized and signed by something like a certificate
authority for your network (maybe the maintainers, who knows).  If the page
located by google has a valid signature, then it could be used.  If it does
not, then search for the next page until you find one that does have a valid
signature.

You could apply this same mechanism to a mailing list or news group as well...