Add comment about niwl RE: ofcp
This commit is contained in:
parent
74d719e504
commit
f64fc53be0
|
@ -8,20 +8,26 @@ as well as find new problems.
|
||||||
|
|
||||||
Here are the problems we know about:
|
Here are the problems we know about:
|
||||||
|
|
||||||
* **The User Experience of Metadata Resistance Tools**: Environments that offer
|
### **The User Experience of Metadata Resistance Tools**
|
||||||
|
|
||||||
|
Environments that offer
|
||||||
metadata resistance are plagued with issues that impact usability, e.g.
|
metadata resistance are plagued with issues that impact usability, e.g.
|
||||||
higher latencies than seen with centralized, metadata-driven systems, or dropped connections
|
higher latencies than seen with centralized, metadata-driven systems, or dropped connections
|
||||||
resulting from unstable anonymization networks. Additional research is needed to understand
|
resulting from unstable anonymization networks. Additional research is needed to understand
|
||||||
how users experience these kinds of failures, and how apps should handle and/or communicate them to users.
|
how users experience these kinds of failures, and how apps should handle and/or communicate them to users.
|
||||||
|
|
||||||
* **Scalability**: Heavily utilized Cwtch servers increase message latency, and
|
### **Scalability**
|
||||||
|
|
||||||
|
Heavily utilized Cwtch servers increase message latency, and
|
||||||
the resources a client requires to process messages. While Cwtch servers are
|
the resources a client requires to process messages. While Cwtch servers are
|
||||||
designed to be cheap and easy to set up, and Cwtch peers are encouraged to
|
designed to be cheap and easy to set up, and Cwtch peers are encouraged to
|
||||||
move around, there is a clear balance to be found between increasing the
|
move around, there is a clear balance to be found between increasing the
|
||||||
anonymity set of a given Cwtch server (to prevent targeted disruptions)
|
anonymity set of a given Cwtch server (to prevent targeted disruptions)
|
||||||
and the decentralization of Cwtch groups.
|
and the decentralization of Cwtch groups.
|
||||||
|
|
||||||
* **The (Online) First Contact Problem**: Cwtch requires that any two peers are
|
### **The (Online) First Contact Problem**
|
||||||
|
|
||||||
|
Cwtch requires that any two peers are
|
||||||
online at the same time before a key exchange/group setup is possible.
|
online at the same time before a key exchange/group setup is possible.
|
||||||
One potential way to overcome this is through encoding an additional public
|
One potential way to overcome this is through encoding an additional public
|
||||||
key and a Cwtch server address into a Cwtch peer identifier. This would allow
|
key and a Cwtch server address into a Cwtch peer identifier. This would allow
|
||||||
|
@ -33,15 +39,22 @@ Here are the problems we know about:
|
||||||
aim of disrupting new connections). However, the benefit of first contact
|
aim of disrupting new connections). However, the benefit of first contact
|
||||||
without an online key exchange is likely worth the potential DoS risk in many
|
without an online key exchange is likely worth the potential DoS risk in many
|
||||||
threat models.
|
threat models.
|
||||||
|
|
||||||
|
Note: Something like [niwl](https://git.openprivacy.ca/openprivacy/niwl) may now allow us to
|
||||||
|
overcome this problem via fuzzy message detection and offline message retrieval.
|
||||||
|
|
||||||
* **Reliability**: In Cwtch, servers have full control over the number of messages they store and for how long. This has
|
### **Reliability**
|
||||||
|
|
||||||
|
In Cwtch, servers have full control over the number of messages they store and for how long. This has
|
||||||
an unfortunate impact on the reliability of group messages: if groups choose an unreliable server, they might find
|
an unfortunate impact on the reliability of group messages: if groups choose an unreliable server, they might find
|
||||||
their messages have been dropped. While we provide a mechanism for detecting dropped/missing messages, we do not
|
their messages have been dropped. While we provide a mechanism for detecting dropped/missing messages, we do not
|
||||||
currently provide a way to recover from such failures. There are many possible strategies from asking peers to resend
|
currently provide a way to recover from such failures. There are many possible strategies from asking peers to resend
|
||||||
messages to moving to a different server, each one with benefits and drawbacks. A full evaluation of these approaches
|
messages to moving to a different server, each one with benefits and drawbacks. A full evaluation of these approaches
|
||||||
should be conducted to derive a practical solution.
|
should be conducted to derive a practical solution.
|
||||||
|
|
||||||
* **Discoverability** of Servers: Much of the strength of Cwtch rests on the assumption that peers and groups can change
|
### **Discoverability** of Servers
|
||||||
|
|
||||||
|
Much of the strength of Cwtch rests on the assumption that peers and groups can change
|
||||||
groups at any time, and that servers are untrusted and discardable. However, in this paper we have not introduced any
|
groups at any time, and that servers are untrusted and discardable. However, in this paper we have not introduced any
|
||||||
mechanism for finding new servers to use to host groups. We believe that such an advertising mechanism could be built
|
mechanism for finding new servers to use to host groups. We believe that such an advertising mechanism could be built
|
||||||
ver Cwtch itself.
|
ver Cwtch itself.
|
||||||
|
|
Loading…
Reference in New Issue