[p2p-hackers] In search of the Darknet....
Duncan B. Cragg
p2phack at cilux.org
Mon Aug 29 17:59:58 UTC 2005
Martin:
There's so much stuff in your emails that I haven't got time
to digest it - thanks =0).
> another way to think of this is distinct domains of resource
> visibility for 'private groups' within a much larger shared
> infrastructure. i like this approach because so many networks have to
> deal with the same issues over and over again, initial introduction to
> bootstrap into the network, transitive introduction to expand your
> horizon/group sizes. a sufficient pool of trusted users for decent
> anonymity, etc.
>
> sharing infrastructure in this manner (for example, an anonymizing mix
> network or PIR network) can provide significant improvements over a
> number of smaller, isolated subsets each providing their own.
>
> trust becomes more difficult though, which is why the delineation
> between what can and should be shared (a global GUID pseudonym), and
> what is private to a group (a signed filesystem archive) needs to be
> drawn carefully.
>
Yup - I think we're both talking about the same 'global darknet'
here. Let's assume that we are, and move on before anyone
notices.. =0)
> at the root layer you have a personal space. this is where key
> management occurs and thus it is highly protected (the loop-AES file
> systems).
>
> at the mid layer you have group spaces. a group is simply an
> arbitrary collection of peers. all links between peers in a group are
> strongly authenticated. for example, it may consist of peers known in
> your F2F social network in meatspace. strongly authenticated means
> good key distribution, so mutually signed pub keys or out of band
> shared secret exchange may be necessary to establish such connections.
>
> the last layer is the public space, and your only interaction with
> public is via pseudonym or anonymously. this is due to the lack of
> strong authentication for peers discovered / communicated with in this
> realm. public is probably the easiest to understand intuitively as
> anything you might publish or do anonymously or as an opaque group
> would be a good candidate for shared infrastructure.
>
Yup - sounds reasonable. What about when there is a chunk of data with
a group or list of people who can share it - which is what I'm aiming
for - then peer-to-peer crypto (link security) isn't enough? Isn't
data encryption needed? Then it can be passed through intermediaries
that aren't on the list. Of course, when the global network has a
partition that is exactly those on the list, the data can be passed
around 'in the clear' between them, just using link-level crypto.
> when you get to group communication you need to address the roles
> peers will play ..<snip>... peer is a quorum member, a fully
> decentralized organizational structure.
> <snip>
> ... a peer group performs the following functions:
> - manages peer membership within the group (this is obvious :).
> adding or removing peers requires consensus. (key management /
> distribution)
> - defines and distributes private resource collections. a resource
> collection in this case is a self-certifying collection of files
> identified by SHA hash and the authenticated pet names applied to
> these files to map them into a familiar namespace (like paths and
> vfolders, etc). this may or may not require consensus.
> - defines and provides public group resources to members outside of
> the group (the visibility of any resource would be subject to quorum
> approval, everything else is implicitly private to that group).
>
All this sounds very advanced, especially compared with what I'm
doing - so I look forward to seeing it in action! Are pet names
group-wide or individual? Zooko would probably say they were
individual - presumably the reason for them (avoid clashes)
isn't an issue in one of these groups. Did you say that each
resource has a GUID/URL (opaque to human eyes)? My own plan
has two kinds of reference: GUID/URLs (opaque) and a DAG structure
(like a filesystem for humans to explore).
> if a group cannot reach consensus (peer dies, meatspace drama, etc)
> then the state of the group is essentially frozen as no new directives
> related to private or public group resources (and membership) may be
> given. time to create a new group among those who can agree :)
>
Oh - I love the phrase 'meatspace drama'!! Can I use it? =0)
> there are a lot of details missing here; documentation has taken a bit
> of a back seat to experimental design as getting the usability /
> intuitive interaction right is very difficult and distilling the
> already too complicated design down to bare essentials is taking
> longer than expected.
>
Sounds like you've done what I've done: bitten off more than you
can chew!! =0) I've been working full time on my own plans for
eight months - and am nowhere near done.
> in short, we define three domains of interaction between peers in the
> network (where 'network' is all shared infrastructure and all groups):
> - personal, where the secrets that define your identity are guarded.
> - group, where trusted peers act as quorum members to manage the group.
> - public, where any peer or group may distribute resources
> pseudonymous/anonymously.
>
Cool.
> this is a fun line of conversation; please keep us advised of additional
> resources you discover that are relevant to these types of
> relationships in large F2F/dark networks!
>
'K.. Thanks for all the interesting material and concepts.
I'm still pondering all that implicit semantics stuff... This bit:
> transitive introduction using arbitrary peer grouping and implicit
> feedback / profiling. .. ... implicit
> feedback in user defined peer groups is useful for transitive
> introduction. the basic premise is that you ask peers who are useful
> to you for other peers who may be useful in turn, where 'useful' is an
> attribute defined by implicit feedback from your interaction with that
> peer and the resources the peer has provided.
>
> if you continue to "cultivate" your peer groups over time by removing
> peers who are not helpful and adding new peers referred to you from
> those who are helpful the effectiveness of resource discovery can be
> continually improved, even for rare / obscure domains of search where
> exhaustive/complete search is usually required to be effective.
>
Looking at the alpine archives (why did you wipe it? and also
cubicmetercrystal?) and the NeuroGrid stuff, it looks like your petnames
(and my DAG) are the key here: treat petnames as stuff that can be
shared, then follow them around (or the peers that use them). Just a
half-formed thought. I'll get back to you if any more neurons fire in
this space... =0/
Cheers!
Duncan
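
[Added example, not part of the original message or of either poster's code.] A sketch of the quoted "self-certifying collection of files identified by SHA hash" with pet names, checked after the bytes pass through an intermediary that isn't on the list. Assumptions: SHA-256 as the hash, an HMAC under a shared group key standing in for the group's signature, and all function names, file names and keys below are hypothetical. It shows integrity only; the confidentiality question raised above would still need data encryption.

```python
import hashlib
import hmac
import json

# Constructed sample data (hypothetical names, key and contents).
GROUP_KEY = b"constructed-demo-group-key"
SAMPLE_FILES = {"notes/design.txt": b"three domains: personal, group, public",
                "keys/README": b"exchange keys out of band"}

def file_id(data):
    """A file's identifier is the SHA-256 of its bytes."""
    return hashlib.sha256(data).hexdigest()

def _canonical(names):
    # Sorted-key JSON so every peer hashes the same byte string.
    return json.dumps(names, sort_keys=True).encode()

def build_collection(files, group_key):
    """Map pet names to content hashes and authenticate the mapping."""
    names = {pet: file_id(data) for pet, data in files.items()}
    blob = _canonical(names)
    return {"names": names,
            "collection_id": hashlib.sha256(blob).hexdigest(),
            # HMAC is a stand-in for the group's signature (assumption).
            "tag": hmac.new(group_key, blob, hashlib.sha256).hexdigest()}

def verify_collection(coll, group_key):
    """True only if the pet-name mapping is the one the group authenticated."""
    blob = _canonical(coll["names"])
    expected = hmac.new(group_key, blob, hashlib.sha256).hexdigest()
    return (hmac.compare_digest(expected, coll["tag"])
            and hashlib.sha256(blob).hexdigest() == coll["collection_id"])

def resolve(coll, group_key, pet_name, fetch):
    """Look up a pet name, fetch by hash from an untrusted relay, re-check."""
    if not verify_collection(coll, group_key):
        raise ValueError("collection manifest failed authentication")
    wanted = coll["names"][pet_name]
    data = fetch(wanted)  # relay is not trusted; only the hash is
    if file_id(data) != wanted:
        raise ValueError("relay returned bytes that do not match the hash")
    return data

if __name__ == "__main__":
    coll = build_collection(SAMPLE_FILES, GROUP_KEY)
    store = {file_id(d): d for d in SAMPLE_FILES.values()}
    print(resolve(coll, GROUP_KEY, "keys/README", store.__getitem__))
    try:
        resolve(coll, GROUP_KEY, "keys/README", lambda h: b"swapped by relay")
    except ValueError as err:
        print("rejected:", err)
```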