Re: [Din] [OPSEC] blockchain for IP addresses draft update
Jordi Paillissé Vilanova <jordip@ac.upc.edu> Wed, 04 July 2018 15:50 UTC
Return-Path: <jordip@ac.upc.edu>
X-Original-To: din@ietfa.amsl.com
Delivered-To: din@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C054130E6C; Wed, 4 Jul 2018 08:50:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3zOPeRILVRne; Wed, 4 Jul 2018 08:50:33 -0700 (PDT)
Received: from roura.ac.upc.es (roura.ac.upc.es [147.83.33.10]) by ietfa.amsl.com (Postfix) with ESMTP id 93CF112785F; Wed, 4 Jul 2018 08:50:32 -0700 (PDT)
Received: from correu-1.ac.upc.es (correu-1.ac.upc.es [147.83.30.91]) by roura.ac.upc.es (8.13.8/8.13.8) with ESMTP id w64FoIqD012465; Wed, 4 Jul 2018 17:50:18 +0200
Received: from [147.83.35.232] (dync-35-232.ac.upc.es [147.83.35.232]) by correu-1.ac.upc.es (Postfix) with ESMTPSA id 1CED1283; Wed, 4 Jul 2018 17:50:13 +0200 (CEST)
To: "Roque Gagliano (rogaglia)" <rogaglia@cisco.com>, David Mazieres expires 2018-09-30 PDT <mazieres-pebagr7ysjghwpqkcqqnjjf4ta@temporary-address.scs.stanford.edu>, "sidrops@ietf.org" <sidrops@ietf.org>, "din@irtf.org" <din@irtf.org>, Stephane Bortzmeyer <bortzmeyer@nic.fr>, "sandy@tislabs.com" <sandy@tislabs.com>, Greg Skinner <gregskinner0@icloud.com>, "leo@vegoda.org" <leo@vegoda.org>, "Alberto Rodriguez Natal (natal)" <natal@cisco.com>, "Vina Ermagan (vermagan)" <vermagan@cisco.com>, "Fabio Maino (fmaino)" <fmaino@cisco.com>, Albert Cabellos <acabello@ac.upc.edu>, "opsec@ietf.org" <opsec@ietf.org>
References: <153028668788.30332.9615982545028670114.idtracker@ietfa.amsl.com> <fbe24301-9827-090d-d1e6-fd60fd2de7f7@ac.upc.edu> <87lgat633l.fsf@ta.scs.stanford.edu> <ee6d93bf-6f79-a4a9-9f1e-a786860f9c5b@ac.upc.edu> <9BC0DE80-D827-414B-916B-C102C3460563@cisco.com>
From: Jordi Paillissé Vilanova <jordip@ac.upc.edu>
Message-ID: <56694f02-cf91-8569-c57f-7f3c319a7e9f@ac.upc.edu>
Date: Wed, 04 Jul 2018 17:50:13 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0
MIME-Version: 1.0
In-Reply-To: <9BC0DE80-D827-414B-916B-C102C3460563@cisco.com>
Content-Type: multipart/alternative; boundary="------------C635D4B6DCE5FBC5E32EEF32"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/din/yqqtA-CqL_7800sZ_k7creFlTk4>
X-Mailman-Approved-At: Wed, 04 Jul 2018 21:08:57 -0700
Subject: Re: [Din] [OPSEC] blockchain for IP addresses draft update
X-BeenThere: din@irtf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: "Discussion of distributed Internet Infrastructure approaches, aspects such as Service Federation, and underlying technologies" <din.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/din>, <mailto:din-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/din/>
List-Post: <mailto:din@irtf.org>
List-Help: <mailto:din-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/din>, <mailto:din-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jul 2018 15:50:40 -0000
Hi Roque, We have built an open-source prototype [1], and it works like you mentioned: the genesis block includes the public keys that the RP has to trust. It is a one-time action in which you trust the source code and the keys contained in it. Thanks for your comments, we'll include them in the next version. Regards, Jordi [1] https://github.com/OpenOverlayRouter/blockchain-mapping-system El 04/07/18 a les 14:09, Roque Gagliano (rogaglia) ha escrit: > > Hi Jordi, > > Very good document. > > I hate to ask things without providing code but I believe it would be > great if you add a section regarding the “relying party”, how would > the validation algorithm would look like and what is the bootstrap > process. I can see that some public key info would need to be known by > the RP. > > Regards, > > Roque > > *From: *OPSEC <opsec-bounces@ietf.org> on behalf of Jordi Paillissé > Vilanova <jordip@ac.upc.edu> > *Date: *Wednesday 4 July 2018 at 13:28 > *To: *David Mazieres expires 2018-09-30 PDT > <mazieres-pebagr7ysjghwpqkcqqnjjf4ta@temporary-address.scs.stanford.edu>, > "sidrops@ietf.org" <sidrops@ietf.org>, "din@irtf.org" <din@irtf.org>, > Stephane Bortzmeyer <bortzmeyer@nic.fr>, "sandy@tislabs.com" > <sandy@tislabs.com>, Greg Skinner <gregskinner0@icloud.com>, > "leo@vegoda.org" <leo@vegoda.org>, "Alberto Rodriguez Natal (natal)" > <natal@cisco.com>, "Vina Ermagan (vermagan)" <vermagan@cisco.com>, > "Fabio Maino (fmaino)" <fmaino@cisco.com>, Albert Cabellos > <acabello@ac.upc.edu>, "opsec@ietf.org" <opsec@ietf.org> > *Subject: *Re: [OPSEC] [Din] blockchain for IP addresses draft update > > Hi David, > > Indeed, we did not delve deeper into the PoS algorithm. This depends > on the specific implementation, our opinion is that an Algroand-like > would be a good option, and if it can tolerate a large portion of > offline participants even better. In addition, we think that punishing > or deposit mechanisms are not desirable because they don't fit the > characteristics of the scenario. Overall the incentive is "a more > secure Internet", we believe that this is well-aligned with the > economical interests of the participants. > > Regarding SCP, the fact that you only need to trust your neighbours > may prove very convenient in this scenario. As you said, it reflects > current Internet trust schemes, this basically means that BGP Peering > = Trust = Stellar quorum slices. We'll look into this for the next > iteration of the draft. > > Thanks > > Jordi > > El 02/07/18 a les 17:59, David Mazieres ha escrit: > > Jordi Paillissé Vilanova<jordip@ac.upc.edu> <mailto:jordip@ac.upc.edu> writes: > > (apologies for cross-posting) > > Dear all, > > We have submitted a new version of the draft addressing comments > > received both on the mailing list and IETF meetings. > > Thanks to all of you for taking the time to read the draft :) > > Regards, > > Jordi > > Very interesting draft. One high-level comment, I would avoid terms > > like "tamper-proof" or really anything-"proof" except possibly in the > > context of information-theoretic security, in favor of tamper-resistant. > > This is particularly important in the context of blockchains that have > > experienced a number of forks in practice and where it would likely take > > only a few tens of millions of dollars a day to tamper with history. > > I think the draft would benefit from a much finer-grained consideration > > of several different forms of proof-of-stake, because there are a number > > of assertions that do not hold for all forms of proof of stake. E.g., > > will there be delegation like peercoin, randomization like algorand, > > penalties like Casper, sleepy nodes like snowwhite? > > And while of course I'm biased on this issue, I think that a > > Byzantine-agreement-based approach like SCP > > (https://datatracker.ietf.org/doc/draft-mazieres-dinrg-scp/) would work > > better than PoS. SCP is well matched to the Internet peering model, > > which we already know is a workable decentralized governance model. You > > may not agree, but it would at least be nice for the document to explain > > why you reject this approach. > > David > > >
- [Din] blockchain for IP addresses draft update Jordi Paillissé Vilanova
- Re: [Din] blockchain for IP addresses draft update David Mazieres
- Re: [Din] [OPSEC] blockchain for IP addresses dra… Jordi Paillissé Vilanova
- Re: [Din] [OPSEC] blockchain for IP addresses dra… Roque Gagliano (rogaglia)
- Re: [Din] blockchain for IP addresses draft update Jordi Paillissé Vilanova