[Pearg] GNUnet as peer-to-peer framework with very strong privacy focus

Hernâni Marques (p≡p project) <hernani@pep-project.org> Wed, 18 July 2018 21:15 UTC

Return-Path: <hernani@pep-project.org>
X-Original-To: pearg@ietfa.amsl.com
Delivered-To: pearg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AC2F7131057 for <pearg@ietfa.amsl.com>; Wed, 18 Jul 2018 14:15:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.62
X-Spam-Level:
X-Spam-Status: No, score=-1.62 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Idzeu9F-alba for <pearg@ietfa.amsl.com>; Wed, 18 Jul 2018 14:15:44 -0700 (PDT)
Received: from dragon.pibit.ch (dragon.pibit.ch [94.231.81.244]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CF48130FAB for <pearg@irtf.org>; Wed, 18 Jul 2018 14:15:44 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTP id CCDB5171C06E; Wed, 18 Jul 2018 23:15:41 +0200 (CEST)
Received: from dragon.pibit.ch ([127.0.0.1]) by localhost (dragon.pibit.ch [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fA-LCF72Ds0m; Wed, 18 Jul 2018 23:15:39 +0200 (CEST)
Received: from [172.16.6.3] (unknown [66.171.165.154]) by dragon.pibit.ch (Postfix) with ESMTPSA id 2F520171C057; Wed, 18 Jul 2018 23:15:39 +0200 (CEST)
To: pearg@irtf.org
From: =?UTF-8?B?SGVybsOibmkgTWFycXVlcyAocOKJoXAgcHJvamVjdCk=?= <hernani@pep-project.org>
Openpgp: preference=signencrypt
Cc: Christian Grothoff <grothoff@gnunet.org>
Message-ID: <b2d23a2d-1750-7a72-a63b-770b84d3eca5@pep-project.org>
Date: Wed, 18 Jul 2018 23:15:37 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="GdZ8PRWtOBLNt24dE6Oeecl9pajhyHeE3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/zz_YSOcgBZSvgEpotuSSc3ceBQA>
Subject: [Pearg] GNUnet as peer-to-peer framework with very strong privacy focus
X-BeenThere: pearg@irtf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/pearg>, <mailto:pearg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pearg/>
List-Post: <mailto:pearg@irtf.org>
List-Help: <mailto:pearg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/pearg>, <mailto:pearg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Jul 2018 21:15:49 -0000

Dear PEARG group

Thanks for the interesting meeting yesterday, where I was the first time.

Immediately after the meeting I approached Sara & Shivan to tell them
that I think GNUnet could be a project to have a close look at, as not
just requirements are defined, but you also find lots of running code (>
400k LOC).

It's a peer-to-peer framework to "replace the old insecure Internet
stack" (in own words, cf. gnunet.org); the GNUnet project has a strong
emphasis on protecting privacy at all levels (including link level) and
also explores ways to achieve trust without relying on X.509 PKIs.

The most comprehensive document about GNUnet and its principles is this
habil work:

https://grothoff.org/christian/habil.pdf

As also DNS / name resolution privacy was a topic yesterday, it's
noteworthy to say that Christian (main dev and Prof. at BFH) recently
could show us decentralized name resolution working with the GNU Name
System (GNS), resolving .FR domains (which were imported into the GNUnet
DHT) as this can easily be imported from official sources; this would
also apply for the .SE zone.

You find an interesting analysis of DNS's issues in terms of privacy,
comparing it to, e.g., namecoin and also GNS, here:

https://gnunet.org/sites/default/files/ns2018.pdf

PS:
As pEp Foundation, working on opportunistic encryption for email as of
now, we also collaborate with the GNUnet project and also help to
finance its developemnt - at some point we want to send messages through
this P2P framework deployed through MUAs instead, so that for email SMTP
could become a secondary choice as a transport. The corresponding
subsystem for that is called CADET - you can also find everything about
it in the above mentioned habil.

PPS:
GNUnet is heavily academically rootet since almost two decades already;
cf. here:

https://gnunet.org/bibliography

These days, emphasis in being put on having it easy installable and thus
deployable for different ends ranging from file sharing, messaging, name
resolution or also voice.

PPPS:
Christian and other people of the project might subscribe to this list,
too. I put Christian CC for now.