CAN’T BE EVIL

From IIW

Session Topic: Can’t Be Evil!

Tuesday 4C

Convener: John Light

'Notes-taker: Jack Senechal

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

- Zero Knowledge

-- of content on the system

-- of user's ID, IP, browser fingerprint, etc


- Open Source

-- you can't just state intent, you must be able to prove it

-- audit

-- identity exploits

-- validate claims


- Client Side Crypto

-- if the server can decrypt your stuff, the whole system falls apart


- Zero Trusted Entities

- Distributed

-- preferably p2p


Good crypto is not about trusting people, it's about trusting math. In math we trust.


Bitcoin is the first system to solve the Byzantine Generals problem.


Tahoe LAFS (least authority file system) is a Can't Be Evil system


There's some zero-knowledge Etherpad out there, maybe called PiratePad?


Bitcoin, NXT are good examples of CBE


Ripple is totally based on trust all around, so it may not fit.


Respect Network + XDI

=========

Q. If I have a cloud name, how do I find the service that's providing data for it?

XDI discovery. You get your cloud, register it with a cloud service provider that you choose, they register it with a name registry service. You look at the registry service for =markus, and they tell you where to find the cloud.


XDI is open and distributed, doesn't have to be only one registry.


Q. How do you avoid duplication across registries?


Right now you don't. Within the Respect Network there is one registry. The cloud service providers are decentralized.


If you run discovery on =markus, you get the location of the cloud, and the cloud number. Cloud name can change, the cloud number is a UUID that doesn't change.

The cloud number is not issued by a central registry, you generate it yourself. You can choose to register it with some registry. The registry will ensure that the number persists and give you a mechanism to change the name.

Can have multiple cloud names pointing to one number. Called synonyms.

Q. How much does a cloud name cost?

Neustar: CSBs pay $19 per registered user, up to 1m users. After that there will be a different price negotiated. We're not there yet.