Anonymous wrote:
... the file-trading network Gnutella is being threatened by misbehaving clients. In response, the developers are looking at limiting the network to only authorized clients:
This is the wrong solution. One of the important factors in the Internet's growth was that the IETF exercised enough control, but not too much. So HTTP is standardised, which allows (theoretically) any browser to talk to any web server. At the same time the higher levels are not standardised, so someone who has an idea for a better browser or web server is free to implement it. If you build a protocol which allows selfish behaviour, you have done your job badly. Preventing selfish behaviour in distributed systems is not easy, but that is the problem we need to solve. It would be a good discussion for this list.
Not discussed in the article is the technical question of how this can possibly work. If you issue a digital certificate on some Gnutella client, what stops a different client, an unauthorized client, from pretending to be the legitimate one?
Exactly. This has already happened with unauthorised AIM clients. My freedom to lie allows me to use GAIM rather than AOL's client. In this case, IMO, the ethics are the other way round. AOL seeks to use its (partial) monopoly to keep a grip on the IM market. The freedom to lie mitigates this monopoly to an extent. -- Pete --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com