[messaging] GNU Name System

David Leon Gil coruus at gmail.com
Sun Oct 5 14:24:23 PDT 2014


On Sun, Oct 5, 2014 at 5:01 PM, D. J. Bernstein <djb at cr.yp.to> wrote:
> Am I the only one who's bothered by all the effort to build naming/PKI
> systems that put, e.g., VeriSign and Google and anyone who compromises
> them in control of all communications between Alice and Bob?

Not building. They exist today.

I think that Greg is bothered by CT too.

I'm less bothered; I think CT offers an immediate and substantial
benefit. (I think perspectives on the degree of benefit differ mainly
depending on which rumors one has heard about MitM CA certs for
non-state actors.)

> The traditional view is that maximum-security decentralized systems
> can't be usable, so we have to compromise on security, typically by
> trusting centralized third parties.

I very much doubt most people on this list believe that.

> The reason I'm writing now is that I
> think most people here haven't yet heard of the GNU Name System, a
> _usable_ maximum-security decentralized naming system:
>
>    https://gnunet.org/sites/default/files/paper_cans2014_camera_ready.pdf

Some problems with this paper (which I saw an earlier version of as
well, I think):

- Doesn't describe how the DHT will work. The details are critical to
security and scalability.

- Doesn't, as best I can tell, provide any way to deal with spam in
the global namespace. (I.e., spammers, phishers, et hoc genus omnes
will rapidly register every memorable/short/confusable name.)[*]

I'll note that the query privacy section (section 4) seems to give a
decent enough design. But that's really the only part of the paper
that is fleshed out enough to bother with. I would, however, be very
interested to learn more details about the design.

[*] In a system without PoWs, there doesn't seem to be a good way of
preventing this without a "trusted third-party". But you only need to
trust the third-party to not register "address spam".

