shortening names

Preparatory to creating a proper link browse structure
2022-07-08 17:05:24 +10:00 · 2022-07-08 17:05:24 +10:00 · 40dc88a37b
commit 40dc88a37b
parent a7e2e65b62
8 changed files with 144 additions and 136 deletions
--- a/docs/index.md
+++ b/docs/index.md
@ -145,4 +145,4 @@ worth, probably several screens.
 - [How to do VPNs right](how_to_do_VPNs.html)
 - [How to prevent malware](safe_operating_system.html)
 - [The cypherpunk program](cypherpunk_program.html)
- [Replacing TCP and UDP](replacing_TCP.html)
+- [Replacing TCP and UDP](names/TCP.html)
--- a/docs/libraries.md
+++ b/docs/libraries.md
@ -833,7 +833,7 @@ which could  receive a packet at any time.  I need to look at the
 GameNetworkingSockets code and see how it listens on lots and lots of
 sockets.  If it uses [overlapped IO], then it is golden.  Get it up first, and it put inside a service later.
-[Overlapped IO]:client_server.html#the-select-problem
+[Overlapped IO]:server.html#the-select-problem
 {target="_blank"}
 The nearest equivalent Rust application gave up on congestion control, having programmed themselves into a blind alley.
--- a/docs/names/replacing_TCP.md
+++ b/docs/names/replacing_TCP.md
@ -91,7 +91,7 @@ ECN tagged packets are dropped
 Raw sockets provide greater control than UDP sockets, and allow you to
 do ICMP like things through ICMP.
-I also have a discussion on NAT hole punching, [peering through nat](peering_through_nat.html), that
+I also have a discussion on NAT hole punching, [peering through nat](nat.html), that
 summarizes various people's experience.
 To get an initial estimate of the path MTU, connect a datagram socket to
--- a/docs/names/name_system.md
+++ b/docs/names/name_system.md
@ -11,10 +11,10 @@ to its name server, which will henceforth direct people to that wallet. If
 the wallet has a network accessible tcp and/or UDP address it directs people
 to that address (one port only, protocol negotiation will occur once the
 connection is established, rather than protocols being defined by the port
-number). If not, will direct them to a UDT4 rendevous server, probably itself.
+number). If not, will direct them to a UDT4 rendezvous server, probably itself.
 We probably need to support [uTP for the background download of bulk data].
-This also supports rendevous routing, though perhaps in a different and
+This also supports rendezvous routing, though perhaps in a different and
 incompatible way, excessively married to the bittorrent protocol.We might
 find it easier to construct our own throttling mechanism in QUIC,
 accumulating the round trip time and square of the round trip time excluding
@ -205,6 +205,129 @@ hosting your respectable username that you do not use much.
 We also need a state religion that makes pretty lies low status, but that is
 another post.
 #True Names and TCP
 Vernor Vinge [made the point](http://www.amazon.com/True-Names-Opening-Cyberspace-Frontier/dp/0312862075) that true names are an instrument of
 government oppression. If the government can associate your true name
 with your actions, it can punish you for those actions. If it can find the true
 names associated with a transaction, it is a lot easier to tax that transaction.
 Recently there have been moves to make your cell phone into a wallet. A
 big problem with this is that cell phone cryptography is broken. Another
 problem is that cell phones are not necessarily associated with true names,
 and as soon as the government hears that they might control money, it
 starts insisting that cell phones *are* associated with true names. The phone
 companies don’t like this, for if money is transferred from true name to
 true name, rather than cell phone to cell phone, it will make them a servant
 of the banking cartel, and the bankers will suck up all the gravy, but once
 people start stealing money through flaws in the encryption, they will be
 depressingly grateful that the government can track account holders down
 and punish them – except, of course, the government probably will not be
 much good at doing so.
 TCP is all about creating connections.  It creates connections between
 network addresses, but network addresses correspond to the way networks
 are organized, not the way people are organized, so on top of networks we
 have domain names.
 TCP therefore establishes a connection *to* a domain name rather than a
 mere network address – but there is no concept of the connection coming
 *from* anywhere humanly meaningful.
 Urns are “uniform resource names”, and uris are “uniform resource identifiers” and urls are “uniform resource locators”, and that is what the
 web is built out of. 
 There are several big problems with urls:
 1. They are uniform: Everyone is supposed to agree on one domain
   name for one entity, but of course they don’t.  There is honest and
   reasonable disagreement as to which jim is the “real” jim, because
   in truth there is no one real jim, and there is fraud, as in lots of
   people pretending to be Paypal or the Bank of America, in order to
   steal your money.
 2. They are resources: Each refers to only a single interaction, but of
   course relationships are built out of many interactions.  There is no
   concept of a connection continuing throughout many pages, no
   concept of logon.  In building urls on top of TCP, we lost the
   concept of a connection.  And because urls are built out of TCP
   there is no concept of the content depending on both ends of the
   connection – that a page at the Bank might be different for Bob than
   it is for Carol – that it does in reality depend on who is connected is
   a kluge that breaks the architecture.
   Because security (ssl, https) is constructed below the level of a
   connection, because it lacks a concept of connection extending
   beyond a single page or a single url, a multitude of insecurities
   result. We want https and ssl to secure a connection, but https and
   ssl do not know there are such things as logons and connections.
 That domain names and hence urls presuppose agreement, agreement
 which can never exist, we get cybersquatting and phishing and
 suchlike.
 That connections and logons exist, but are not explicitly addressed by the
 protocol leads to such attacks as cross site scripting and session fixation.
 A proposed fix for this problem is yurls, which apply Zooko’s triangle to
 the web: One adds to the domain name a hash of a rule for validating the
 public key, making it into Zooko’s globally unique identifier.  The
 nickname (non unique global identifier) is the web page title, and the
 petname (locally unique identifier) is the title under which it appears in
 your bookmark list, or the link text under which it appears in a web page.
 This, however, breaks normal form.  The public key is an attribute of the
 domain, while the nickname and petnames are attributes of particular web
 pages – a breach of normal form related to the loss of the concept of
 connection – a breach of normal form reflecting the fact that that urls
 provide no concept of a logon, a connection, or a user.  
 OK, so much for “uniform”.  Instead of uniform identifiers, we should
 have zooko identifiers, and zooko identifiers organized in normal form.
 But what about “resource”, for “resource” also breaks normal form.
 Instead of “resources”, we should have “capabilities”.  A resource
 corresponds to a special case of a capability, a resource is a capability
 that that resembles a read only file handle. But what exactly are "capabilities”?
 People with different concepts about what is best for computer security
 tend to disagree passionately and at considerable length about what the
 word “capability” means, and will undoubtedly tell me I am a complete
 moron for using it in the manner that I intend to use it, but barging ahead anyway:
 A “capability” is an object that represents one end of a communication
 channel, or information that enables an entity to obtain such a channel, or
 the user interface representation of such a channel, or such a potential
 channel. The channel enables the possessor of the capability to do stuff to
 something, or get something.  Capabilities are usually obtained by being
 passed along the communication channel. Capabilities are usually
 obtained from capabilities, or inherited by a running instance of a program
 when the program is created, or read from storage after originally being
 obtained by means of another capability.
 This definition leaves out the issue of security – to provide security,
 capabilities need to be unforgeable or difficult to guess.  Capabilities are
 usually defined with the security characteristics central to them, but I am
 defining capabilities so that what is central is connections and managing
 lots of potential connection.  Sometimes security and limiting access is a
 very important part of management, and sometimes it is not.
 A file handle could be an example of a capability – it is a communication
 channel between a process and the file management system.  Suppose we
 are focussing on security and access management to files: A file handle
 could be used to control and manage permissions if a program that has the
 privilege to access certain files could pass an unforgeable file handle to
 one of those files to a program that lacks such access, and this is the only
 way the less privileged program could get at those files.
 Often the server wants to make sure that the client at one end of a
 connection is the user it thinks it is, which fits exactly into the usual
 definitions of capabilities.  But more often, the server does not care who
 the client is, but the client wants to make sure that the server at the other
 end of the connection is the server he thinks it is, which, since it is the
 client that initiates the connection, does not fit well into many existing
 definitions of security by capabilities.
 # Mapping between globally unique human readable names and public keys
 The blockchain provides a Merkle-patricia dac of human readable names. Each
--- a/docs/names/peering_through_nat.md
+++ b/docs/names/peering_through_nat.md
@ -4,11 +4,11 @@ title: Peering through NAT
 ...
 A library to peer through NAT is a library to replace TCP, the domain
 name system, SSL, and email.  This is covered at greater length in
-[Replacing TCP](replacing_TCP.html)
+[Replacing TCP](TCP.html)
 # Implementation issues
-There is a great [pile of RFCs](./replacing_TCP.html) on issues that arise with using udp and icmp
+There is a great [pile of RFCs](TCP.html) on issues that arise with using udp and icmp
 to communicate.
 ## timeout
--- a/docs/names/client_server.md
+++ b/docs/names/client_server.md
@ -1,24 +1,24 @@
 ---
-title: Client Server Data Representation
+title: Server Data Representation
 ...
 # related
-[Replacing TCP, SSL, DNS, CAs, and TLS](replacing_TCP.html){target="_blank"}
+[Replacing TCP, SSL, DNS, CAs, and TLS](TCP.html){target="_blank"}
-# clients and hosts, masters and slaves
+# clients and hosts, masters and servers
-A slave does the same things for a master as a host does for a client.
+A server does the same things for a master as a host does for a client.
-The difference is how identity is seen by third parties.  The slaves identity
+The difference is how identity is seen by third parties.  The servers identity
-is granted by the master, and if the master switches slaves, third parties
+is granted by the master, and if the master switches servers, third parties
 scarcely notice.  It the same identity.  The client's identity is granted by the
 host, and if the client switches hosts, the client gets a new identity, as for
 example a new email address.
 If we use [Pake and Opaque](libraries.html#opaque-password-protocol) for client login, then all other functionality  of
 the server is unchanged, regardless of whether the server is a host or a
-slave.  It is just that in the client case, changing servers is going to change
+server.  It is just that in the client case, changing servers is going to change
 your public key.
 Experience with bitcoin is that a division of responsibilities, as between Wasabi wallet and Bitcoin core, is the way to go - that the peer to peer networking functions belong in another process, possibly running on
@ -31,16 +31,18 @@ desires, and contradictory functions.  Ideally one would be in a basement
 and generally turned off, the other in the cloud and always on.
 Plus, I have come to the conclusion that C and C++ just suck for
-networking apps.  Probably a good idea to go Rust for the slave or host.
+networking apps.  Probably a good idea to go Rust for the server or host.
 The wallet is event oriented, but only has a small number of concurrent
-tasks.  A host or slave is event oriented, but has a potentially very large
+tasks.  A host or server is event oriented, but has a potentially very large
 number of concurrent tasks.  Rust has no good gui system, there is no
 wxWidgets framework for Rust.  C++ has no good massive concurrency
 system, there is no Tokio for C++.
-Where do we put the gui for controlling the slave?  In the master, of
+Where do we put the gui for controlling the server?  In the master, of
 course.
 Where do we put the networking stuff? in the server.
 # the select problem
 To despatch an `io` event, the standard is `select()`.  Which standard sucks
@ -102,7 +104,7 @@ Linux people recommended a small number of threads, reflecting real hardware thr
 I pray that that wxWidgets takes care of mapping windows asynchronous sockets to their near equivalent functionality on Linux.
-But writing a server/host/slave for Linux is fundamentally different to
+But writing a server/host/server for Linux is fundamentally different to
 writing one for windows.  Maybe we can isolate the differences by having
 pure windows sockets, startup and shutdown code, pure Linux sockets,
 startup and shutdown code, having the sockets code stuff data to and from
--- a/docs/names/true_names_and_TCP.md
+++ b/docs/names/true_names_and_TCP.md
@ -1,117 +0,0 @@
 ---
 lang: en
 title: True Names and TCP
 ---
 Vernor Vinge [made the point](http://www.amazon.com/True-Names-Opening-Cyberspace-Frontier/dp/0312862075) that true names are an instrument of
 government oppression. If the government can associate
 your true name with your actions, it can punish you for
 those actions. If it can find the true names associated
 with a transaction, it is a lot easier to tax that
 transaction.
 Recently there have been moves to make your cell phone
 into a wallet. A big problem with this is that cell
 phone cryptography is broken. Another problem is that
 cell phones are not necessarily
 associated with true names, and as soon as the government hears
 that they might control money, it starts insisting that cell phones
 *are* associated with true names. The phone companies don’t like
 this, for if money is transferred from true name to true name, rather
 than cell phone to cell phone, it will make them a servant of the
 banking cartel, and the bankers will suck up all the gravy, but once
 people start stealing money through flaws in the encryption, they
 will be depressingly grateful that the government can track account
 holders down and punish them – except, of course, the government
 probably will not be much good at doing so.
 TCP is all about creating connections.  It creates connections between network addresses, but network addresses correspond to
 the way networks are organized, not the way people are organized,
 so on top of networks we have domain names.
 TCP therefore establishes a connection *to* a domain name rather
 than a mere network address – but there is no concept of the
 connection coming *from* anywhere humanly meaningful.
 Urns are “uniform resource names”, and uris are “uniform resource identifiers” and urls are “uniform resource locators”, and that is what the web is built out of. 
 There are several big problems with urls:
 1.  They are uniform: Everyone is supposed to agree on one domain name for one entity, but of course they don’t.  There is honest and reasonable disagreement as to which jim is the “real” jim, becaŭse in truth there is no one real jim, and there is fraŭd, as in lots of people pretending to be Paypal or the Bank of America, in order to steal your money.
 2. They are resources: Each refers to only a single interaction,
   but of course relationships are built out of many
   interactions.  There is no concept of a connection continuing
   throughout many pages, no concept of logon.  In building
   urls on top of TCP, we lost the concept of a connection.  And
   because urls are built out of TCP there is no concept of the
   content depending on both ends of the connection – that a
   page at the Bank might be different for Bob than it is for
   Carol – that it does in reality depend on who is connected is
   a kluge that breaks the architecture.
   Because security (ssl, https) is constructed below the level of
   a connection, because it lacks a concept of connection
   extending beyond a single page or a single url, a multitude of
   insecurities result. We want https and ssl to secure a
   connection, but https and ssl do not know there are such
   things as logons and connections.
 That domain names and hence urls presuppose agreement, agreement
 which can never exist, we get cybersquatting and phishing and
 suchlike.
 That connections and logons exist, but are not explicitly addressed
 by the protocol leads to such attacks as cross site scripting and
 session fixation.
 A proposed fix for this problem is yurls, which apply Zooko’s
 triangle to the web: One adds to the domain name a hash of a rule
 for validating the public key, making it into Zooko’s globally unique
 identifier.  The nickname (non unique global identifier) is the web
 page title, and the petname (locally unique identifier) is the title
 under which it appears in your bookmark list, or the link text under
 which it appears in a web page.
 This, however, breaks normal form.  The public key is an attribute of the domain, while the nickname and petnames are attributes of particular web pages – a breach of normal form related to the loss of the concept of connection – a breach of normal form reflecting the fact that that urls provide no concept of a logon, a connection, or a user.  
 OK, so much for “uniform”.  Instead of uniform identifiers, we
 should have zooko identifiers, and zooko identifiers organized in
 normal form.  But what about “resource”, for “resource” also breaks
 normal form.
 Instead of “resources”, we should have “capabilities”.  A resource
 corresponds to a special case of a capability, a resource is a
 capability that that resembles a read only file handle. But what
 exactly are “capabilities”?
 People with different concepts about what is best for computer security tend to disagree passionately and at considerable length about what the word “capability” means, and will undoubtedly tell me I am a complete moron for using it in the manner that I intend to use it, but barging ahead anyway:
 A “capability” is an object that represents one end of a
 communication channel, or information that enables an entity to
 obtain such a channel, or the user interface representation of such a
 channel, or such a potential channel. The channel enables the
 possessor of the capability to do stuff to something, or get
 something.  Capabilities are usually obtained by being passed along
 the communication channel. Capabilities are usually obtained from
 capabilities, or inherited by a running instance of a program when
 the program is created, or read from storage after originally being
 obtained by means of another capability.
 This definition leaves out the issue of security – to provide security, capabilities need to be unforgeable or difficult to guess.  Capabilities are usually defined with the security characteristics central to them, but I am defining capabilities so that what is central is connections and managing lots of potential connection.  Sometimes security and limiting access is a very important part of management, and sometimes it is not.
 A file handle could be an example of a capability – it is a
 communication channel between a process and the file
 management system.  Suppose we are focussing on security and
 access management to files: A file handle could be used to control
 and manage permissions if a program that has the privilege to
 access certain files could pass an unforgeable file handle to one of
 those files to a program that lacks such access, and this is the only
 way the less privileged program could get at those files.
 Often the server wants to make sure that the client at one end of a
 connection is the user it thinks it is, which fits exactly into the usual
 definitions of capabilities.  But more often, the server does not care
 who the client is, but the client wants to make sure that the server
 at the other end of the connection is the server he thinks it is,
 which, since it is the client that initiates the connection, does not fit
 well into many existing definitions of security by capabilities.
--- a/docs/parsers.md
+++ b/docs/parsers.md
@ -74,7 +74,7 @@ polish order, thus implicitly executing a stack of run time typed operands,
 which eventually get compiled and eventually executed as just-in-time typed
 or statically typed operands and operators.
-For [identity](identity.html), we need Cryptographic Resource Identifiers,
+For [identity](names/identity.html), we need Cryptographic Resource Identifiers,
 which cannot conform the “Universal” Resource Identifier syntax and semantics.
 Lexers are not powerful enough, and the fact that they are still used