[Freedombox-discuss] Initial Santiago Developer Release
Nick M. Daly
nick.m.daly at gmail.com
Wed Mar 28 21:13:46 UTC 2012
I just realized one of those important things I forgot to mention in the
last email:
On Mon, 26 Mar 2012 22:07:29 -0500, Nick M. Daly <nick.m.daly at gmail.com> wrote:
> Hi folks, I'm rather proud to provide an initial Santiago release.
>
> After getting tired of trying to over-engineer the program, I've gone
> back to basics and tried to make it as simple as it could possibly be.
> That's why this version is called "simple_santiago.py". The tests
> haven't been updated and it still doesn't sign or verify requests with
> PGP keys but, for a developer preview, it works. Adding PGP signing and
> verification should be pretty trivial but I just wanted to make sure I
> got the functional structure in there first.
If you, or anyone you know, can or is qualified to review the structure
and concept behind Santiago, please tear it apart. I want this to be
small, simple, and right. At under 400 lines, it's definitely the
first, I hope it's the second, but I can't prove the third. It's never
been adversarially reviewed. When complete (when PGP key verification
is added), it should:
- Allow unforgeable identity and location statements to be passed
between trusted parties with near-zero outside observation.
- Use the Tor network as one of many potential routing back-ends.
- Remain unforgeable (if detectable) even over a fully hostile (Tor/I2P,
etc) network.
If it fails at any of these, then it needs to be reworked. I don't
think this is a Zooko-like situation here, we aren't squaring the
circle (I believe these are non-competitive ends).
I'll probably break it into separate modules soon (breaking the core
logic out from each routing method, allowing us to add more methods more
easily), but its current simplicity makes structural hacking easier. If
I need to tear it all up (again), it's best to do it now.
Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120328/448fce8e/attachment.pgp>
More information about the Freedombox-discuss
mailing list