2022-02-16 00:53:01 -05:00
|
|
|
|
---
|
|
|
|
|
title: Name System
|
2022-05-06 22:49:33 -04:00
|
|
|
|
...
|
2022-02-16 00:53:01 -05:00
|
|
|
|
We intend to establish a system of globally unique wallet names, to resolve
|
|
|
|
|
the security hole that is the domain name systm, though not all wallets will
|
|
|
|
|
have globally unique names, and many wallets will have many names.
|
|
|
|
|
|
|
|
|
|
Associated with each globally unique name is set of name servers. When one’s
|
|
|
|
|
wallet starts up, then if your wallet has globally unique name, it logs in
|
|
|
|
|
to its name server, which will henceforth direct people to that wallet. If
|
|
|
|
|
the wallet has a network accessible tcp and/or UDP address it directs people
|
|
|
|
|
to that address (one port only, protocol negotiation will occur once the
|
|
|
|
|
connection is established, rather than protocols being defined by the port
|
2022-07-08 03:05:24 -04:00
|
|
|
|
number). If not, will direct them to a UDT4 rendezvous server, probably itself.
|
2022-02-16 00:53:01 -05:00
|
|
|
|
|
|
|
|
|
We probably need to support [uTP for the background download of bulk data].
|
2022-07-08 03:05:24 -04:00
|
|
|
|
This also supports rendezvous routing, though perhaps in a different and
|
2022-02-16 00:53:01 -05:00
|
|
|
|
incompatible way, excessively married to the bittorrent protocol.We might
|
|
|
|
|
find it easier to construct our own throttling mechanism in QUIC,
|
|
|
|
|
accumulating the round trip time and square of the round trip time excluding
|
|
|
|
|
outliers, to form a short term and long term average and variance of the
|
|
|
|
|
round trip time, and throttling lower priority bulk downloads and big
|
|
|
|
|
downloads when the short term average rises above the long term average by
|
|
|
|
|
more than the long term variance. The long term data is zeroed when the IP
|
|
|
|
|
address of the default gateway(router) is acquired, and is timed out over a
|
|
|
|
|
few days. It is also ceilinged at a couple of seconds.
|
|
|
|
|
|
|
|
|
|
[uTP for the background download of bulk data]: https://github.com/bittorrent/libutp
|
|
|
|
|
|
|
|
|
|
In this day and age, a program that lives only on one machine really is not
|
|
|
|
|
much of a program, and the typical user interaction is a user driving a gui
|
|
|
|
|
on one machine which is a gui to program that lives on a machine a thousand
|
|
|
|
|
miles away.
|
|
|
|
|
|
|
|
|
|
We have a problem with the name system, the system for obtaining network
|
|
|
|
|
addresses, in that the name system is subject to centralized state control,
|
|
|
|
|
and the TCP-SSL system is screwed by the state, which is currently seizing
|
|
|
|
|
crimethink domain names, and will eventually seize untraceable crypto
|
|
|
|
|
currency domain names.
|
|
|
|
|
|
|
|
|
|
In today’s environment, it is impossible to speak the truth under one’s true
|
|
|
|
|
name, and dangerous to speak the truth even under any durable and widely used
|
|
|
|
|
identity. Therefore, people who post under names tend to be unreliable.
|
|
|
|
|
Hence the term “namefag”. If someone posts under his true name, he is a
|
|
|
|
|
“namefag” – probably unreliable and lying. Even someone who posts under a
|
|
|
|
|
durable pseudonym is apt show excessive restraint on many topics.
|
|
|
|
|
|
|
|
|
|
The aids virus does not itself kill you. The aids virus “wants” to stick
|
|
|
|
|
around to give itself lots of opportunities to infect other people, so wants
|
|
|
|
|
to disable the immune system for obvious reasons. Then, without a immune
|
|
|
|
|
system, something else is likely to kill you.
|
|
|
|
|
|
|
|
|
|
When I say “wants”, of course the aids virus is not conscious, does not
|
|
|
|
|
literally want anything at all. Rather, natural selection means that a virus
|
|
|
|
|
that disables the immune system will have opportunities to spread, while a
|
|
|
|
|
virus that fails to disable the immune system only has a short window of
|
|
|
|
|
opportunity to spread before the immune system kills it, unless it is so
|
|
|
|
|
virulent that it likely kills its host before it has the opportunity to
|
|
|
|
|
spread.
|
|
|
|
|
|
|
|
|
|
Similarly, a successful memetic disease that spreads through state power,
|
|
|
|
|
through the state system for propagation of official truth “wants” to disable
|
|
|
|
|
truth speaking and truth telling – hence the replication crisis, peer
|
|
|
|
|
review, and the death of science. We are now in the peculiar situation that
|
|
|
|
|
truth is best obtained from anonymous sources, which is seriously suboptimal.
|
|
|
|
|
Namefags always lie. The drug companies are abandoning drug development,
|
|
|
|
|
because science just does not work any more. No one believes their research,
|
|
|
|
|
and they do not believe anyone else’s research.
|
|
|
|
|
|
|
|
|
|
It used to be that there were a small number of sensitive topics, and if you
|
|
|
|
|
stayed away from those, you could speak the truth on everything else, but now
|
|
|
|
|
it is near enough to all of them that it might as well be all of them, hence
|
|
|
|
|
the replication crisis. Similarly, the aids virus tends to wind up totally
|
|
|
|
|
suppressing the immune system, even though more selective shutdown would
|
|
|
|
|
serve its interests more effectively, and indeed the aids virus starts by
|
|
|
|
|
shutting down the immune system in a more selective fashion, but in the end
|
|
|
|
|
cannot help itself from shutting down the immune system totally.
|
|
|
|
|
|
|
|
|
|
The memetic disease, the demon, does not “want” to shut down truth telling
|
|
|
|
|
wholesale. It “wants” to shut down truth telling selectively, but inevitably,
|
|
|
|
|
there is collateral damage, so it winds up shutting down truth telling
|
|
|
|
|
wholesale.
|
|
|
|
|
|
|
|
|
|
To exorcise the demon, we need a prophet, and since the demon occupies the
|
|
|
|
|
role of the official state church, we need a true king. Since there is a
|
|
|
|
|
persistent shortage of true Kings, I here speaking as engineer rather than a
|
|
|
|
|
prophet, so here I am discussing the anarcho agorist solution to anarcho
|
|
|
|
|
tyranny, the technological solution, not the true king solution.
|
|
|
|
|
|
|
|
|
|
Because of the namefag problem and the state snatching domain names, we need,
|
|
|
|
|
in order to operate an untraceable blockchain based currency not only a
|
|
|
|
|
decentralized system capable of generating consensus on who owns what cash,
|
|
|
|
|
we need a system capable of generating consensus on who who owns which human
|
|
|
|
|
readable globally unique names, and the mapping between human readable names,
|
|
|
|
|
Zooko triangle names (which correspond to encryption public keys), and
|
|
|
|
|
network addresses, a name system resistant to the state’s attempts to link
|
|
|
|
|
names to jobs, careers, and warm bodies that can be beaten up or imprisoned,
|
|
|
|
|
to link names to property, to property that can be confiscated or destroyed.
|
|
|
|
|
|
|
|
|
|
A transaction output can hold an amount of currency, or a minimum amount of
|
|
|
|
|
currency and a name. Part of the current state, which every block contains,
|
|
|
|
|
is unused transaction outputs sorted by name.
|
|
|
|
|
|
|
|
|
|
If we make unused transaction outputs sorted by name available, might as well
|
|
|
|
|
make them available sorted by key.
|
|
|
|
|
|
|
|
|
|
In the hello world system, we will have a local database mapping names to
|
|
|
|
|
keys and to network addresses. In the minimum viable product, a global
|
|
|
|
|
consensus database. We will, however, urgently need a rendezvous system that
|
|
|
|
|
allows people to set up wallets and peers without opening ports on stable
|
|
|
|
|
network address to the internet. Arguably, the minimum viable product will
|
|
|
|
|
have a global database mapping between keys and names, but also a nameserver
|
|
|
|
|
system, wherein a host without a stable network address can login to a host
|
|
|
|
|
with a stable network address, enabling rendezvous. When one identity has its
|
|
|
|
|
name servers registered in the global consensus database, it always tries to
|
|
|
|
|
login to those and keep the connection alive with a ping that starts out
|
|
|
|
|
frequent, and then slows down on the Fibonacci sequence, to one ping every
|
|
|
|
|
1024 secondsplus a random number modulo 1024 seconds. At each ping, tells the
|
|
|
|
|
server when the next ping coming, and if the server does not get the
|
|
|
|
|
expected ping, server sends a nack. If the server gets no ack, logs the
|
|
|
|
|
client out. If the client gets no ack, retries, if still no ack, tries to
|
|
|
|
|
login to the next server.
|
|
|
|
|
|
|
|
|
|
In the minimum viable product, we will require everyone operating a peer
|
|
|
|
|
wallet to have a static IP address and port forwarding for most functionality
|
|
|
|
|
to work, which will be unacceptable or impossible for the vast majority of
|
|
|
|
|
users, though necessarily we will need them to be able to receive money
|
|
|
|
|
without port forwarding, a static IP, or a globally identified human readable
|
|
|
|
|
name, by hosting their client wallet on a particular peer. Otherwise no one
|
|
|
|
|
could get crypto currency they would need to set up a peer.
|
|
|
|
|
|
|
|
|
|
Because static IP is a pain, we should also support nameserver on the state
|
|
|
|
|
run domain name system, as well as nameserver on our peer network, but that
|
|
|
|
|
can wait a while. And in the end, when we grow so big that every peer is
|
|
|
|
|
itself a huge server farm, when we have millions of users and a thousand or
|
|
|
|
|
so peers, the natural state of affairs is for each peer to have a static IP.
|
|
|
|
|
|
|
|
|
|
Eventually we want people to be able to do without static IPs and
|
|
|
|
|
portforwarding, which is going to require a UDP layer. One the other hand, we
|
|
|
|
|
only intend to have a thousand or so full peers, even if we take over and
|
|
|
|
|
replace the US dollar as the world monetary system. Our client wallets are
|
|
|
|
|
going to be the primary beneficiaries of rendevous UDT4.8 routing over UDP.
|
|
|
|
|
|
|
|
|
|
We also need names that you can send money to, and name under which you can
|
|
|
|
|
receives. The current cryptocash system involves sending money to
|
|
|
|
|
cryptographic identifiers, which is a pain. We would like to be able to send
|
|
|
|
|
and receive money without relying on identifiers that look like line noise.
|
|
|
|
|
|
|
|
|
|
So we need a system similar to namecoin, but namecoin relies on proof of
|
2023-09-04 06:04:59 -04:00
|
|
|
|
work, rather than proof of share, and the state’s computers can easily mount
|
2022-02-16 00:53:01 -05:00
|
|
|
|
a fifty one percent attack on proof of work. We need a namecoin like system
|
2023-09-04 06:04:59 -04:00
|
|
|
|
but based on proof of share, rather than proof of work, so that for the state
|
2022-02-16 00:53:01 -05:00
|
|
|
|
to take it over, it would need to pay off fifty one percent of the
|
|
|
|
|
stakeholders – and thus pay off the people who are hiding behind the name
|
|
|
|
|
system to perform untraceable crypto currency transactions and to speak the
|
|
|
|
|
unspeakable.
|
|
|
|
|
|
|
|
|
|
For anyone to get started, we are going to have to enable them to operate a
|
|
|
|
|
client wallet without IP and port forwarding, by logging on to a peer wallet.
|
|
|
|
|
The minimum viable product will not be viable without a client wallet that
|
|
|
|
|
you can use like any networked program. A client wallet logged onto a peer
|
|
|
|
|
wallet automatically gets the name `username.peername`. The peer could give
|
|
|
|
|
the name to someone else though error, malice or equipment failure, but the
|
|
|
|
|
money will remain in the client’s wallet, and will be spendable when he
|
|
|
|
|
creates another username with another peer. Money is connected to wallet
|
|
|
|
|
master secret, which should never be revealed to anyone, not with the
|
|
|
|
|
username. So you can receive money with a name associated an evil nazi
|
|
|
|
|
identity as one username on one peer, and spend it with a username associated
|
|
|
|
|
with a social justice warrior on another peer. No one can tell that both
|
|
|
|
|
names are controlled by the same master secret. You send money to a username,
|
|
|
|
|
but it is held by the wallet, in effect by the master secret, not by the
|
|
|
|
|
user name. That people have usernames, that money goes from one username to
|
|
|
|
|
another, makes transferring money easy, but by default the money goes through
|
|
|
|
|
the username to the master secret behind the quite discardable username,
|
|
|
|
|
thus becomes anonymous, not merely pseudonymous after being received. Once
|
|
|
|
|
you have received the money, you can lose the username, throw it away, or
|
|
|
|
|
suffer it being confiscated by the peer, and you, not the username, still
|
|
|
|
|
have the money. You only lose the money if someone else gets the master
|
|
|
|
|
secret.
|
|
|
|
|
|
|
|
|
|
You can leave the money in the username, in which case the peer hosting your
|
|
|
|
|
username can steal it, but for a hacker to steal it he needs to get your
|
|
|
|
|
master secret and logon password, or you transfer it to the master secret on
|
|
|
|
|
your computer, in which case a hacker can steal it, but the peer cannot, and
|
|
|
|
|
also you can spend it from a completely different username. Since most people
|
|
|
|
|
using this system are likely to be keen on privacy, and have no good reason
|
|
|
|
|
to trust the peer, the default will be for the money to go from the username
|
|
|
|
|
to the master secret.
|
|
|
|
|
|
|
|
|
|
Transfers of money go from one username to another username, and this is
|
|
|
|
|
visible to the person who sent it and the person who received it, but if the
|
|
|
|
|
transfer is to the wallet and the master secret behind the username, rather
|
|
|
|
|
than to the username, this is not visible to the hosts. Money is associated
|
|
|
|
|
with a host and this association is visible, but it does not need to be the
|
|
|
|
|
same host as your username. By default, money is associated with the host
|
|
|
|
|
hosting the username that receives it, which is apt to give a hint to which
|
|
|
|
|
username received it, but you can change this default. If you are receiving
|
|
|
|
|
crypto currency under one username, and spending it under another username on
|
|
|
|
|
another host, it is apt to be a good idea to change this default to the host
|
|
|
|
|
that is hosting the username that you use for spending, because then spends
|
|
|
|
|
will clear more quickly. Or if both the usernames and both the hosts might
|
|
|
|
|
get investigated by hostile people, change the default to a host that is
|
|
|
|
|
hosting your respectable username that you do not use much.
|
|
|
|
|
|
|
|
|
|
We also need a state religion that makes pretty lies low status, but that is
|
|
|
|
|
another post.
|
|
|
|
|
|
2022-07-08 03:05:24 -04:00
|
|
|
|
#True Names and TCP
|
|
|
|
|
|
|
|
|
|
Vernor Vinge [made the point](http://www.amazon.com/True-Names-Opening-Cyberspace-Frontier/dp/0312862075) that true names are an instrument of
|
|
|
|
|
government oppression. If the government can associate your true name
|
|
|
|
|
with your actions, it can punish you for those actions. If it can find the true
|
|
|
|
|
names associated with a transaction, it is a lot easier to tax that transaction.
|
|
|
|
|
|
|
|
|
|
Recently there have been moves to make your cell phone into a wallet. A
|
|
|
|
|
big problem with this is that cell phone cryptography is broken. Another
|
|
|
|
|
problem is that cell phones are not necessarily associated with true names,
|
|
|
|
|
and as soon as the government hears that they might control money, it
|
|
|
|
|
starts insisting that cell phones *are* associated with true names. The phone
|
|
|
|
|
companies don’t like this, for if money is transferred from true name to
|
|
|
|
|
true name, rather than cell phone to cell phone, it will make them a servant
|
|
|
|
|
of the banking cartel, and the bankers will suck up all the gravy, but once
|
|
|
|
|
people start stealing money through flaws in the encryption, they will be
|
|
|
|
|
depressingly grateful that the government can track account holders down
|
|
|
|
|
and punish them – except, of course, the government probably will not be
|
|
|
|
|
much good at doing so.
|
|
|
|
|
|
|
|
|
|
TCP is all about creating connections. It creates connections between
|
|
|
|
|
network addresses, but network addresses correspond to the way networks
|
|
|
|
|
are organized, not the way people are organized, so on top of networks we
|
|
|
|
|
have domain names.
|
|
|
|
|
|
|
|
|
|
TCP therefore establishes a connection *to* a domain name rather than a
|
|
|
|
|
mere network address – but there is no concept of the connection coming
|
|
|
|
|
*from* anywhere humanly meaningful.
|
|
|
|
|
|
|
|
|
|
Urns are “uniform resource names”, and uris are “uniform resource identifiers” and urls are “uniform resource locators”, and that is what the
|
|
|
|
|
web is built out of.
|
|
|
|
|
|
|
|
|
|
There are several big problems with urls:
|
|
|
|
|
|
|
|
|
|
1. They are uniform: Everyone is supposed to agree on one domain
|
|
|
|
|
name for one entity, but of course they don’t. There is honest and
|
|
|
|
|
reasonable disagreement as to which jim is the “real” jim, because
|
|
|
|
|
in truth there is no one real jim, and there is fraud, as in lots of
|
|
|
|
|
people pretending to be Paypal or the Bank of America, in order to
|
|
|
|
|
steal your money.
|
|
|
|
|
|
|
|
|
|
2. They are resources: Each refers to only a single interaction, but of
|
|
|
|
|
course relationships are built out of many interactions. There is no
|
|
|
|
|
concept of a connection continuing throughout many pages, no
|
|
|
|
|
concept of logon. In building urls on top of TCP, we lost the
|
|
|
|
|
concept of a connection. And because urls are built out of TCP
|
|
|
|
|
there is no concept of the content depending on both ends of the
|
|
|
|
|
connection – that a page at the Bank might be different for Bob than
|
|
|
|
|
it is for Carol – that it does in reality depend on who is connected is
|
|
|
|
|
a kluge that breaks the architecture.
|
|
|
|
|
|
|
|
|
|
Because security (ssl, https) is constructed below the level of a
|
|
|
|
|
connection, because it lacks a concept of connection extending
|
|
|
|
|
beyond a single page or a single url, a multitude of insecurities
|
|
|
|
|
result. We want https and ssl to secure a connection, but https and
|
|
|
|
|
ssl do not know there are such things as logons and connections.
|
|
|
|
|
|
|
|
|
|
That domain names and hence urls presuppose agreement, agreement
|
|
|
|
|
which can never exist, we get cybersquatting and phishing and
|
|
|
|
|
suchlike.
|
|
|
|
|
|
|
|
|
|
That connections and logons exist, but are not explicitly addressed by the
|
|
|
|
|
protocol leads to such attacks as cross site scripting and session fixation.
|
|
|
|
|
|
|
|
|
|
A proposed fix for this problem is yurls, which apply Zooko’s triangle to
|
|
|
|
|
the web: One adds to the domain name a hash of a rule for validating the
|
|
|
|
|
public key, making it into Zooko’s globally unique identifier. The
|
|
|
|
|
nickname (non unique global identifier) is the web page title, and the
|
|
|
|
|
petname (locally unique identifier) is the title under which it appears in
|
|
|
|
|
your bookmark list, or the link text under which it appears in a web page.
|
|
|
|
|
|
|
|
|
|
This, however, breaks normal form. The public key is an attribute of the
|
|
|
|
|
domain, while the nickname and petnames are attributes of particular web
|
|
|
|
|
pages – a breach of normal form related to the loss of the concept of
|
|
|
|
|
connection – a breach of normal form reflecting the fact that that urls
|
|
|
|
|
provide no concept of a logon, a connection, or a user.
|
|
|
|
|
|
|
|
|
|
OK, so much for “uniform”. Instead of uniform identifiers, we should
|
|
|
|
|
have zooko identifiers, and zooko identifiers organized in normal form.
|
|
|
|
|
But what about “resource”, for “resource” also breaks normal form.
|
|
|
|
|
|
|
|
|
|
Instead of “resources”, we should have “capabilities”. A resource
|
|
|
|
|
corresponds to a special case of a capability, a resource is a capability
|
|
|
|
|
that that resembles a read only file handle. But what exactly are "capabilities”?
|
|
|
|
|
|
|
|
|
|
People with different concepts about what is best for computer security
|
|
|
|
|
tend to disagree passionately and at considerable length about what the
|
|
|
|
|
word “capability” means, and will undoubtedly tell me I am a complete
|
|
|
|
|
moron for using it in the manner that I intend to use it, but barging ahead anyway:
|
|
|
|
|
|
|
|
|
|
A “capability” is an object that represents one end of a communication
|
|
|
|
|
channel, or information that enables an entity to obtain such a channel, or
|
|
|
|
|
the user interface representation of such a channel, or such a potential
|
|
|
|
|
channel. The channel enables the possessor of the capability to do stuff to
|
|
|
|
|
something, or get something. Capabilities are usually obtained by being
|
|
|
|
|
passed along the communication channel. Capabilities are usually
|
|
|
|
|
obtained from capabilities, or inherited by a running instance of a program
|
|
|
|
|
when the program is created, or read from storage after originally being
|
|
|
|
|
obtained by means of another capability.
|
|
|
|
|
|
|
|
|
|
This definition leaves out the issue of security – to provide security,
|
|
|
|
|
capabilities need to be unforgeable or difficult to guess. Capabilities are
|
|
|
|
|
usually defined with the security characteristics central to them, but I am
|
|
|
|
|
defining capabilities so that what is central is connections and managing
|
|
|
|
|
lots of potential connection. Sometimes security and limiting access is a
|
|
|
|
|
very important part of management, and sometimes it is not.
|
|
|
|
|
|
|
|
|
|
A file handle could be an example of a capability – it is a communication
|
|
|
|
|
channel between a process and the file management system. Suppose we
|
|
|
|
|
are focussing on security and access management to files: A file handle
|
|
|
|
|
could be used to control and manage permissions if a program that has the
|
|
|
|
|
privilege to access certain files could pass an unforgeable file handle to
|
|
|
|
|
one of those files to a program that lacks such access, and this is the only
|
|
|
|
|
way the less privileged program could get at those files.
|
|
|
|
|
|
|
|
|
|
Often the server wants to make sure that the client at one end of a
|
|
|
|
|
connection is the user it thinks it is, which fits exactly into the usual
|
|
|
|
|
definitions of capabilities. But more often, the server does not care who
|
|
|
|
|
the client is, but the client wants to make sure that the server at the other
|
|
|
|
|
end of the connection is the server he thinks it is, which, since it is the
|
|
|
|
|
client that initiates the connection, does not fit well into many existing
|
|
|
|
|
definitions of security by capabilities.
|
|
|
|
|
|
2022-02-16 00:53:01 -05:00
|
|
|
|
# Mapping between globally unique human readable names and public keys
|
|
|
|
|
|
|
|
|
|
The blockchain provides a Merkle-patricia dac of human readable names. Each
|
|
|
|
|
human readable name links to a list of signatures transferring ownership form
|
|
|
|
|
one public key to the next, terminating in an initial assignment of the name
|
|
|
|
|
by a previous block chain consensus. A client typically keeps a few leaves
|
|
|
|
|
of this tree. A host keeps the entire tree, and provides portions of the tree
|
|
|
|
|
to each client.
|
|
|
|
|
|
|
|
|
|
When two clients link up by human readable name, they make sure that they are
|
|
|
|
|
working off the same early consensus, the same initial grant of user name by
|
|
|
|
|
an old blockchain consensus, and also off the same more recent consensus,
|
|
|
|
|
for possible changes in the public key that has rightful ownership of that
|
|
|
|
|
name. If they see different Merkle hashes at the root of their trees, the
|
|
|
|
|
connection fails. Thus the blockchain they are working from has to be the
|
|
|
|
|
same originally, and also the same more recently.
|
|
|
|
|
|
|
|
|
|
This system ensures we know and agree what the public key associated with a
|
|
|
|
|
name is, but how do we find the network address?
|
|
|
|
|
|
|
|
|
|
# Mapping between public keys and nework addresses
|
|
|
|
|
|
|
|
|
|
## The Nameserver System
|
|
|
|
|
|
|
|
|
|
Typically someone is logged in to a host with an identity that looks like an
|
|
|
|
|
email address, `paf.foo.bar`, where`bar` is the name of a host that is
|
|
|
|
|
reliably up, and reliably on the network, and relatively easy to find
|
|
|
|
|
|
|
|
|
|
You can ask the host `bar` for the public key and *the network address* of
|
|
|
|
|
`foo.bar`, or conversely the login name and network address associated with
|
|
|
|
|
this public key. Of course these values are completely subject to the caprice
|
|
|
|
|
of the owner of `bar`. And, having obtained the network address of `foo.bar`,
|
|
|
|
|
you can then get the network address of `paf.foo.bar`
|
|
|
|
|
|
|
|
|
|
Suppose someone owns the name `paf`, and you can find the global consensus as
|
|
|
|
|
to what public key controls `paf`, but he does not have a stable network
|
|
|
|
|
address. He can instead provide a nameserver – another entity that will
|
|
|
|
|
provide a rendevous. If `paf` is generally logged in to `foo`, you can
|
|
|
|
|
contact `foo`, to get rendevous data for `bar.foo`, which is, supposing `foo`
|
|
|
|
|
to be well behaved, rendevous data for `bar`
|
|
|
|
|
|
|
|
|
|
Starting from a local list of commonly used name server names, keys, and
|
|
|
|
|
network addresses, you eventually get a live connection to the owner of that
|
|
|
|
|
public key, who tells you that at the time he received your message, the
|
|
|
|
|
information is up to date, and, for any globally unique human readable names
|
|
|
|
|
involved in setting up the connection, he is using the same blockchain as you
|
|
|
|
|
are using.
|
|
|
|
|
|
|
|
|
|
Your local list of network addresses may well rapidly become out of date.
|
|
|
|
|
Information about network addresses flood fills through the system in the
|
|
|
|
|
form of signed assertions about network addresses by owners of public keys,
|
|
|
|
|
with timeouts on those assertions, and where to find more up to date
|
|
|
|
|
information if the assertion has timed out, but we do not attempt to create a
|
|
|
|
|
global consensus on network addresses. Rather, the authoritative source of
|
|
|
|
|
information about a network address of a public key comes from successfully
|
|
|
|
|
performing a live connection to the owner of that public key. You can, and
|
|
|
|
|
probably should, choose some host as the decider on the current tree of
|
|
|
|
|
network addresses, but we don’t need to agree on the host. People can work
|
|
|
|
|
off slightly different mappings about network addresses with no global and
|
|
|
|
|
complete consensus. Mappings are always incomplete, out of date, and usually
|
|
|
|
|
incomplete and out of date in a multitude of slightly different ways.
|
|
|
|
|
|
|
|
|
|
We need a global consensus, a single hash of the entire blockchain, on what
|
|
|
|
|
public keys own what crypto currency and what human readable names. We do not
|
|
|
|
|
need a global consensus on the mapping between public keys and network
|
|
|
|
|
addresses.
|
|
|
|
|
|
|
|
|
|
What you would like to get is an assertion that `paf.foo.bar` has public key
|
|
|
|
|
such and such, and whatever you need to make network connection to
|
|
|
|
|
`paf.foo.bar`, but likely `paf.foo.bar` has transient public key, because his
|
|
|
|
|
identity is merely a username and login at `foo.bar`, and transient network
|
|
|
|
|
address, because he is behind nat translation. So you ask `bar` about
|
|
|
|
|
`foo.bar`, and `foo.bar` about `paf.foo.bar`, and when you actually contact
|
|
|
|
|
`paf.foo.bar`, then, and only then, you know you have reliable information.
|
|
|
|
|
But you don’t know how long it is likely to remain reliable, though
|
|
|
|
|
`paf.foo.bar` will tell you (and no other source of information is
|
|
|
|
|
authoritative, or as likely to be accurate).
|
|
|
|
|
|
|
|
|
|
Information about the mapping between public keys and network addresses that
|
|
|
|
|
is likely to be durable flood fills through the network of nameservers.
|
|
|
|
|
|
|
|
|
|
# logon identity
|
|
|
|
|
|
|
|
|
|
Often, indeed typically, `ann.foo` contacts `bob.bar`, and `bob.bar` needs
|
|
|
|
|
continuity information, needs to know that this is truly the same `ann.foo`
|
|
|
|
|
as contacted him last time – which is what we currently do with usernames and
|
|
|
|
|
passwords.
|
|
|
|
|
|
|
|
|
|
The name `foo` is rooted in a chain of signatures of public keys and requires
|
|
|
|
|
a global consensus on that chain. But the name `ann.foo` is rooted in logon
|
|
|
|
|
on `foo`. So `bob.bar` needs to know that `ann.foo` can log on with `foo`,
|
|
|
|
|
which `ann.foo` does by providing `bob.bar` with a public key signed by `foo`,
|
|
|
|
|
which might be a transient public key generated the last time she logged
|
|
|
|
|
on, which will disappear the moment her session on her computer shuts down,
|
|
|
|
|
or might be a durable public key. But if it is a durable public key, this
|
|
|
|
|
does not give her any added security, since `foo` can always make up a new
|
|
|
|
|
public key for anyone he decides to call `ann.foo` and sign it, so he might
|
|
|
|
|
as well put a timeout on the key, and `ann.foo` might as well discard it when
|
|
|
|
|
her computer turns off or goes into sleep mode. So, it is in everyone’s
|
|
|
|
|
interests (except that of attackers) that only root keys are durable.
|
|
|
|
|
|
|
|
|
|
`foo`’s key is durable, and information about it is published.`ann.foo`’s
|
|
|
|
|
key is transient, and information about it always obtained directly from
|
|
|
|
|
`ann.foo` as a result of `ann.foo` logging in with someone, or as a result of
|
|
|
|
|
someone contacting `foo` with the intent of logging in to `ann.foo`.
|
|
|
|
|
|
|
|
|
|
But suppose, as is likely, the network address of `foo` is not actually all
|
|
|
|
|
that durable, is perhaps behind a NAT. In that case, it may well be that to
|
|
|
|
|
contact `foo`, you need to contact `bar`.
|
|
|
|
|
|
|
|
|
|
So, `foo!bar` is `foo` logged in on `bar`, but not by a username and
|
|
|
|
|
password, but rather logged on by his durable public key, attested by the
|
|
|
|
|
blockchain consensus. So, you get an assertion, flood filled through the
|
|
|
|
|
nameservers, that the network address of the public key that the blockchain
|
|
|
|
|
asserts is the rightful controller of `foo`, is likely to be found at `foo!`
|
|
|
|
|
(public key of `bar`), or likely to be found at `foo!bar`.
|
|
|
|
|
|
|
|
|
|
Logons by durable public key will work exactly like logons by username and
|
|
|
|
|
password, or logons by derived name. It is just that the name of the entity
|
|
|
|
|
logged on has a different form..
|
|
|
|
|
|
|
|
|
|
Just as openssh has logons by durable public key, logons by public key
|
|
|
|
|
continuity, and logons by username and password, but once you are logged on,
|
|
|
|
|
it is all the same, you will be able to logon to `bob.bar` as `ann.bob.bar`,
|
|
|
|
|
meaning a username and password at `bob.bar`, as `ann.foo`, meaning `ann` has
|
|
|
|
|
a single signon at `foo`, a username and password at `foo`, or as `ann`,
|
|
|
|
|
meaning `ann` logs on to `bob.bar` with a public key attested by the
|
|
|
|
|
blockchain consensus as belonging to `ann`.
|
|
|
|
|
|
|
|
|
|
And if `ann` is currently logged on to `bob.bar` with a public key attested
|
|
|
|
|
by the blockchain consensus as belonging to `ann`, you can find the current
|
|
|
|
|
network address of `ann` by asking `bob.bar` for the network address of
|
|
|
|
|
`ann!bob.bar`
|
|
|
|
|
|
|
|
|
|
`ann.bob.bar` is whosoever `bob.bar` decides to call `ann.bob.bar`, but
|
|
|
|
|
`ann!bob.bar` is an entity that controls the secret key of `ann`, who is at
|
|
|
|
|
this moment logged onto `bob.bar`.
|
|
|
|
|
|
|
|
|
|
If `ann` asserts her current network address is likely to last a long time,
|
|
|
|
|
and is accessible without going through
|
|
|
|
|
|
|
|
|
|
`bob.bar` then that network address information will flood fill through the
|
|
|
|
|
network. Less useful network address information, however will not get far.
|