On Tue, Apr 28, 2009 at 10:52 PM, Lucas Gonze <lucas@...> wrote:
>
> Are you expecting it to be used by nodes that cross an administrative
> boundary?

That's a very good question. The minimal answer is "Yes". The short
answer is that you don't rely on the storage servers for
confidentiality (all data is encrypted) nor for integrity (all data is
either hashed if immutable or signed if mutable), but you do rely on
the storage servers to be somewhat reliable. If any K (typically 3)
out of M (typically 10) of the storage servers are reachable and
well-behaved then you can use your file, so you don't require *high*
reliability from your servers, but you do require a certain reasonable
amount of reliability. Certainly it would fail if you just picked ten
random strangers from the Internet and hoped that at least three of
them would loyally store your file for you and make their servers
reachable when you wanted it. (Which is fairly close to what Mojo
Nation and Mnet and non-darknet-Freenet attempted.)

So this means that you don't have to entrust your secrets and the
integrity of your data to the server operators, but you do need some
reason to think that the server operators will keep maintaining the
servers and letting you connect to them in the future. The two kinds
of deployment so far are the allmydata.com use case in which a company
operates hundreds of servers and customers pay a monthly fee to get
access, and the friendnet (what Ian Clarke named "darknet") use case,
where a group of friends all let each other use their computers out of
love.

Regards,

Zooko