Tyler Laing wrote:
I agree - it's very like bittorrent, but with different properties. With BitTorrent every client wants a complete replica, whereas with user rated content, we'd be happy if lower-rated content only resided on the hosts that specifically cared about it. We can afford to be much fuzzier here.Hi, That sounds remarkably like Bittorrent. If you check the internet archive or other sites, you should be able to find the Python code for Bittorrent before it was closed.
The difference from DNS is that DNS answers the question of "find me the host named x" whereas we would want "find me some nearby servers to pick from". Malicious entries would be much less of a concern - the worst damage you could do would be to either prevent a game server from showing up or to always make your own server look good. Neither attack is nearly as interesting as, for example, making yourself look like a bank.About server discovery, my concern is that most systems can be easily polluted with malicious entries. Look at all the issues with DNS (which is pretty much exactly what you propose), and what needs to be done to prevent ARP poisoning attacks. Any such system would have to be designed to distribute the authentication in a secure way. And if attackers have control over one or more nodes, it can be difficult to ensure authority and correctness without a centralized server, hence the Root DNS nodes.
It sounds like some interesting ideas, but the problems are ones that still stump PhD's...
As a PhD in training, maybe that's why I think these things would be cool :)
-Tyler
--Mike