[p2p-hackers] P2P Authentication
Alen Peacock
alenlpeacock at gmail.com
Thu Oct 27 14:45:52 UTC 2005
On 10/27/05, Kerry Bonin <kerry at vscape.com> wrote:
> I think some people are put off by the size and
> complexity of the libraries involved,
Personally, I'm put off by the centralization. I'm not really
concerned about the library size or complexity of PKI,. In fact, my
experience indicates that implementing centralized CAs is a good deal
less complex than trying to distribute identity verification
throughout the system with no centralization.
Completely decentralized p2p applications have the advantage of
being especially resilient to DoS and other attacks on centrality.
Introducing centralized components negates this advantage. In the
case of using CAs in a p2p app, the entire network can be disabled by
attacking the CAs.
p2p networks pose an interesting challenge because you have to
design for the fact that malicious or misbehaving clients *will* be
present. Since there is no single entity or known group of entities
controlling the nodes (as in typical distributed applications), there
is no way to enforce adherence to protocols other than with the
protocols themselves. This may sound idealistic and naive, perhaps
justly so, but the further away from protocols that require
centralized architectures we get, the better (IMHO, of course).
Alen
More information about the P2p-hackers
mailing list