[cap-talk] Blue sky: I have a dream, cap-share

Sun Dec 17 11:57:16 CST 2006

On Dec 16, 2006, at 11:23 AM, Ian G wrote:

> Jed Donnelley wrote:
>
>
>> Suppose (infrastructure) people all have personal computers
>> that stay on and on the network.  Suppose everybody has
>> a private key identity (blue sky with me for a bit).  I really
>> think these are absolute requirements, but just for this
>> thought...
>
>
> I think there is one missing assumption:  that all users
> have real-fast access to each other.
>
> In practice this is unlikely.  Users might have X speed
> access to each other, but to servers, and between servers,
> they have something better, call it X/10 access.  Which
> means that any application such as "share this file" will
> tend to be implemented as "upload this file onto the server
> and share it there."  A bit like the caps application
> Wideword (sp?).
>
> How do you treat that assumption?

Your use of X/10 (divide) is confusing.  In today's
world, access between users is almost non-existent, except
for session sharing and P2P applications.  P2P is
widespread, but fraught with security problems.  Almost
everything secure goes through a server for good
reasons.  Once we have real POLA on the network, there
will be less need for things like firewalls (everything
entering my system should be signed by someone's
private key that I hold the public key for--anything else
will be sent to a virtual or sandbox machine with sufficient
protection for the packets to be examined for trojans, etc),
hence Jed's Blue Sky idea makes a lot more sense than
dumping it on a third party server.

Thus your assumption in today's world may be valid, but
it's not valid in a P2P Blue Sky world.  What you might
imagine is that everyone will have a private leased line
to their collaborators--this won't be the fact, but public
key cryptography certainly helps the fact.

One thing about public key cryptography that worries
me is that the recipient is still in the clear, and if someone
is monitoring the network, the sender is pretty obvious as
well.  It doesn't worry me a whole lot.  It just means that
there are plenty of opportunities for people to leak
capabilities if they wish too.  It means that capabilities
are inherently communicable and proxyable.

If we treat the document like a file on disk, and break it
up into pieces, I think that the time delay transferring between
clients will be minimal.  If you only upload deltas, the time
will be even quicker.

Will we ever see something like CVS/SVN in hardware?

You must be thinking PDFs, not something like HTML or XML.

If you really think that client to server is much faster, then
we can route all the packets that way.  But there's no need to
save the documents on the servers, in my mind.  Perhaps
if I owned the server, I would feel more comfortable.

I welcome your rebuttal.

John