- From: Harry Halpin <hhalpin@w3.org>
- Date: Thu, 27 Feb 2014 16:44:22 +0100
- To: carlo von lynX <lynx@time.to.swarm.psyced.org>
- CC: socialswarm-discussion@ml.foebud.org, "public-fedsocweb@w3.org" <public-fedsocweb@w3.org>
On 02/27/2014 04:12 PM, carlo von lynX wrote:
> On Thu, Feb 27, 2014 at 11:16:51AM +0100, Harry Halpin wrote:
>> P2P Internet-level neteworks are great for some use-cases, not for
>> others. For example, the only way to counter sybil attacks on p2p is
>> via institutional trust arrangements (i.e. a non-technical
> Hm, you have a way of stating your opinions as if they were facts.
> Reminds me of me, but I am trying to not let that happen anymore.
If you have another way, go for it and explain.
>
>> solution), of which one example is social networks. The so-called
>> "sybil-proof" trust frameworks do so by routing via a social network
>> exposing the social networks (at least within X hops) of the user.
>> That may work in some situations, but then leaks valuable social
>> network metadata. There's also latency issues which generally cause
> Which is perfectly fine in a social network which is entirely
> within that system and only visible to the people you have
> added as first or second degree friends. Although I doubt that
> "social" is the only possible solution strategy - GNUnet currently
> uses automated reputation/scoring systems if I am not mistaken.
> So that metadata argumentation is a bit aimed from the hip.
Almost all the academic work you cited was using social-networking based
routing. IMHO reputation systems are a effectively a variant of social
networking where the reputation is implicit rather than explicit as in
social networking. In that way, you can consider client-server systems
kinda the same thing where you pick a "trusted" server (trusted because
you know the sysadmins, trusted because it's not down all the time,
etc.). Again, all of these are basically non-technical solutions
(reputation is a social rather than technical construct), but rely on
social factors.
>
>> most p2p networks to evolve to scale-free nets to minimize the
>> number of hops. The Web is technically a client-server system due to
>> scalability (see Fielding's REST work). This is all very well-known.
> Since "This is all very well-known" has been disproven in previous
> mails it is legitimate to investigate. Modern P2P systems use relay
> nodes in the Internet backbone, thus scalability is just a question
> of developing similar distribution technology as is being used in
> distributed web server architectures ("the cloud"). That's what we
> do with secushare. So the advantages of the client-server are
> maintained, yet the disadvantages are not, because in a relay server
> network it doesn't matter which one you pick and it doesn't know
> what it is doing for you. Maybe we get to chat with Roy tomorrow at
> STRINT on the topic.
Feel free to bring it up with Roy and ping us back when Secushare starts
getting adoption. But again, strictly speaking, p2p internet routing is
out of scope for Web standards. You can always bring these kind of
protocols up at the IETF, where they would both be in scope and have an
outside security review.
>
>> In summary, I suspect that the W3C will continue to focus on the
>> Web, at least as regards standardization. Building a new Internet
>> etc. is out of scope. However, best of luck with all other
>> approaches and keep us up to date (particularly when adoption takes
>> off).
Received on Thursday, 27 February 2014 15:44:33 UTC