A stab at the sealer in E

Bill Frantz frantz@communities.com
Tue, 09 Nov 1999 15:21:08 -0800


At 10:27 AM 11/9/1999 -0800, hal@finney.org wrote:
>The first is that Freedom supplies application specific filters to
>check the outgoing data stream for privacy leaks.  IP packet headers
>contain the source IP address, and of course the system strips those out.
>However some protocols include this kind of information within the packet
>bodies as well, and Freedom has special software to check for this.
>I imagine that Pluribus must send the source IP address at least during
>its handshake protocol, and possibly at later times as well.  This would
>need to be changed somehow.

The "standard" way for one vat to locate another is thru the Vat Location
Service (VLS).  Vats are named by the hash of their public key, called a
vatID.  The VLS provides a lookup service which returns an IP where the
named vat will receive connections.

When Alice passes Bob a reference to Carol, all Bob knows about Carol is
Carol's vatID. 

To work with Freedom, the vat would have to register with the VLS using the
"entry to freedom to get to this vat" address.  I believe, that the VLS
uses the address of the other end of the TCP connection to define the
address thru which a VAT can be contacted in order to support Network
Address Translation.  A small miracle would allow a vat to contact the VLS
thru freedom and have everything "just work".

Port numbers are a different, but related problem.