Re: [GNUnet-developers] Hello! (brief introduction and lots of questions)

From: Christian Grothoff
Subject: Re: [GNUnet-developers] Hello! (brief introduction and lots of questions)
Date: Thu, 13 Jun 2019 00:45:11 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1

Hi Olie,

Some answers inline below...

On 6/12/19 9:01 PM, Olie Ayre wrote:
> ### 1: How might I "serve" files?
> At the moment, I have a little 1GB VPS on which I host a
> personal website and a project website. What I'd like to know
> is what the equivalent to this sort of thing would be with
> GNUnet. I heard it mentioned in a few of the videos I've
> watched that GNUnet isn't really supposed to be used with a
> browser. Would it be a more "GNUnet way" thing to have my
> "site" be a set of more traditional documents that are made
> available using the file-publishing systems? How might I
> collect them together into a coherent group and make them
> accessible using a tidier and more memorable URL than some of
> the gnunet://fs/* links I've seen with entire public keys?
> Would it simply be done with GNS and some form of file path?

Combining GNS and file-sharing is actually one key aspect on my agenda
for the next iteration of file-sharing. But I don't predict I'll have
time to work on that anytime soon. So for now, there are two choices:

* create a TGZ or ZIP file of the Web page and publish that
  (as gnunet://fs/)
* share the directory, gnunet-publish can preserve file hierarchies

> ### 2: How might I chat with friends?
> I've read the document section on the "Conversations" program
> that uses a phonecall-esque approach, and I've also read that
> protocols like SMTP haven't been implemented "yet". In a
> hypothetical GNUnet which is more developed and actively used
> by a larger population, what would be "the" way of doing
> Email-style communication, IM-style communication, and any of
> those and voice in groups with multiple members? Would there
> be additional protocols and components in GNUnet that would
> manage these kinds of communication? How do/might they
> look/work?

The SecuShare folks have some gnunet-nim codebase they use for IM-style
chatting. Maybe they can give you more detailed pointers on how to use it.

gnunet-conversation is only for voice, text messaging is not yet
implemented for it.

> ### 3: How might I make use of my "ego"s and GNS zones from
>        multiple machines?
> I have a desktop at home, a laptop, a work computer, and my
> VPS. If I were to connect all of them to GNUnet and had made
> myself a couple of "ego"s for say personal use and public use
> (with a pseudonym) and had a personal GNS zone, how might I be
> able to act as any of these "ego"s from different devices? For
> instance, I might be using "Ego1" on my desktop talking to a
> friend and need to go somewhere. When I get to my destination
> and take out my laptop, how might I be able to continue the
> conversation still as "Ego1"? Or would having a separate ego
> or group of egos for each device be how I'd do it?

We don't have a convenient way to do this, but if you are a competent
sysadmin you can just copy the files from
$HOME/.local/share/gnunet/identity/egos/ from one system to the other
(that's where the private keys are) and restart the peer to have the
identity subsystem rescan the directory.

> ### 4: How can I make sure data is still available when my
>        machines are powered off?
> If for instance I have files hosted on a machine or have my
> GNS zone on my computer and I turn my computer off, would the
> files and GNS records still be available to other machines?

For some time, yes. GNS records are published in the DHT, and may be
cached (IIRC for about a month). Of course, if your expiration times are
set to 5 minutes, they may be lost much faster than that.

> Can they still resolve my GNS records without my machine being
> on? If I host a file rather than just indexing it, will it be
> available via other peers at all?

Other peers may cache the file or parts of it, but they may also drop it
if they don't have excess storage. So there are no guarantees that the
file will remain available.

> If not, then would it be
> reasonable to run most if not all of my GNUnet content from my
> VPS which will be on all the time?

Yes, indeed. Same for the GNS zones.

> ### 5: How are public keys linked to specific machines?
> As a machine's address is given as its public key, how can one
> machine look at a public key and know how to figure out what
> exact computer that means? What's the logical process from a
> computer being given a public key either directly or via GNS
> to getting data to the specific machine that key refers to?
> Would a better understanding of how "legacy" IP addresses
> achieve the same task answer my question here?

GNUnet has HELLO messages which bind network addresses to public keys
identifying peers, which is indeed similar to the ARP mechanism that
binds IP addresses to Ethernet addresses. It also creates similar
privacy issues for mobile users which we still have to resolve properly.

> ### 6: How might an organisation manage a presence on GNUnet?
> Say there is some Company C that runs an online shop and that
> company wants to make its service available over GNUnet. How
> might that be done? Would the website be hosted in a similar
> fashion to any other website just accessible over GNUnet and
> with transactions managed using Taler? What might the key
> differences be between such a site on GNUnet and on legacy
> internet from a user/customer perspective?

While GNS's "VPN" records in combination with our IP-over-GNUnet
subsystem allow this, this kind of client-server deployment is more of a
backwards-compatibility thing. We have started very early work on a
secure multiparty auction protocol (ebay-like), and I would imagine we
might similarly eventually have something like a decentralized shopping
protocol, where you effectively would specify the product you are
looking for and get offers from all shops offering the particular
product. So at that point, someone running an online shop would post the
catalog of their products with prices, and wouldn't have to bother with
JS/CSS and styling & marketing. But YMMV, that's at this point just my
totally crazy and very, very long-term vision (which I have no plans to
work on this decade, much more pressing issues out there first ;-)).

> ### 7: How might "local networks" work?
> Or would they exist at all? The systems I work with in my job
> might have a handful of internet-facing servers, but - like a
> lot of environments - most of the servers live within LAN and
> never exist outside. Would this be similar with GNUnet? Would
> there be a different system for managing localised connections
> and controlling access?

As I see it, if you wanted to have services available only to a limited
audience, you'd simply only post the (randomly generated, high-entropy)
CADET port numbers in a GNS zone where that GNS zone's public key was
only shared with the limited target audience. That should perfectly
suffice to hide even the existence of those services from the rest of
the world. There should be no need for any other kind of isolation /
access control.

> ### 8: If I set up my machines to use GNUnet, how can I have
>        them try and use GNUnet for all traffic, but fall-back
>        to legacy internet when the service I'm requesting
>        isn't reachable over GNUnet?
> Is this the kind of setup that might be considered "default"?

For GNS, yes. If you set up the GNS resolver, all GNS-enabled zones would
be resolved via GNS, and it'll fall back to DNS for the rest. For most
other Internet traffic (unless you use GNUnet-PT) deploying GNUnet
wouldn't do anything in the first place.

> The documentation described ways of using GNS to access the
> legacy internet with Virtual Public Networks, and using
> "Ascension" to convert legacy DNS tables to usable GNS tables.
> How much of a cross-over is there between legacy internet and
> GNUnet at the moment?

You can also use GNUnet for IPv4-IPv6 protocol translation and/or
tunneling. But GNS/DNS is indeed the main cross-over point today.

> ### 9: What sorts of applications might I write for GNUnet
>        considering what systems already exist?

Whatever you're qualified to do and feel like. It's Free Software ;-).

> If I want to write an application that uses GNUnet to
> communicate with other users or access things like software
> repositories for checking for updates and the like, what would
> be the approach to this?

The GNU Guix folks are interested in this, and did a bit of preliminary
work on this. But to make this really work nicely, we'll have to finish
the Transport Next Generation (TNG) work, and fix some fundamental
design issues in file-sharing (for performance).

> Or say I wanted to create a social
> network, is the idea of GNUnet that everything work on the
> protocols and systems that are part of GNUnet and really
> integrate with it as a platform?

Talk to the SecuShare(.org) folks, they're working on exactly that.
Albeit a bit idle these days AFAIK as a key organizer went into art.

> Or might an application use
> its own protocol instead?

Usually, applications build on existing layers --- but also add their
own layers and protocols.

> Also, with what systems are already
> part of GNUnet and what logical additional systems I might
> anticipate in the future, would there be much need to write
> applications for it at all? The only exceptions being clients
> to these existing systems?

As we want to abandon the client-server world, most Internet
applications will need to be redesigned and rewritten to work in a true
peer-to-peer fashion.

> ### 10: Where does my key come from?
> Is it my existing GPG key pair that I use for emails? Or are
> new keys created for every host, ego, and GNS zone?

GNUnet never touches your GPG key pair (ok, you may yourself put it into
a CERT record in GNS, but that's about it). GNUnet creates new,
independent keys for every host and ego/GNS-zone (egos and GNS zones use
the same keys).

> ### 11: Last one. What chat rooms and systems can I start
>         participating in right now?
> Are there any? I think it would be amazing to see it working
> and be talking to people with it and browsing content others
> have already made? Is there anything doing a similar job of
> the IRC channel but on GNUnet? If not, are there docs that
> would allow me to - once I'm more familiar with how it all
> works - to set up my own "room" that I can invite friends to
> and chat in?

The gnunet-nim / secushare folks run something, but I've not had the
time to use it myself. I expect they'll indoctrinate me during the
GNUnet Hacker meeting in 2 weeks ;-).

> I know that was a lot so I'm very grateful to anyone that took
> the time to read through all of my rather naive and maybe
> over-excited questions - and sorry if this isn't the best
> place to be asking all these questions or if my wall of text
> isn't really appropriate for this list. Again, from all that
> I've seen so far, I think this is genuinely incredible and I
> would really like to be able to contribute to this project in
> the future.

Great, you're welcome. And concrete suggestions for improving our
documentation to make these questions obsolete for the next person would
be particularly welcome ;-)

Happy hacking!


Attachment: signature.asc
Description: OpenPGP digital signature
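
The answer to question 3 above describes copying the ego private keys between machines by hand. The following is an added example, not part of the original message and not GNUnet code, showing one way to do that copy without loosening file permissions or overwriting an ego already present on the target; only the egos path comes from the reply, and the function names and the tar archive are assumptions.

```shell
#!/bin/sh
# Added example, not GNUnet code. Only the egos path comes from the reply;
# function names and archive handling are assumptions for illustration.
EGO_DIR="$HOME/.local/share/gnunet/identity/egos"

# export_egos ARCHIVE [SRC_DIR]: pack ego key files into an owner-only tarball.
export_egos() {
    archive=$1; src=${2:-$EGO_DIR}
    [ -d "$src" ] || { echo "no ego directory: $src" >&2; return 1; }
    ( umask 077 && tar -C "$src" -cf "$archive" . )
}

# import_egos ARCHIVE [DEST_DIR]: unpack on the target machine, never
# overwriting an ego that already exists there, and force mode 600.
import_egos() {
    archive=$1; dest=${2:-$EGO_DIR}
    (
        umask 077
        mkdir -p "$dest" || exit 1
        stage=$(mktemp -d) || exit 1
        trap 'rm -rf "$stage"' EXIT
        tar -C "$stage" -xf "$archive" || exit 1
        for f in "$stage"/*; do
            [ -f "$f" ] || continue
            name=$(basename "$f")
            if [ -e "$dest/$name" ]; then
                echo "keeping existing ego: $name" >&2
                continue
            fi
            cp "$f" "$dest/$name" && chmod 600 "$dest/$name" || exit 1
        done
        chmod 700 "$dest"
    )
}

# count_loose_keys DIR: number of files readable by group or others.
count_loose_keys() {
    find "$1" -type f \( -perm -040 -o -perm -004 \) | wc -l | tr -d ' '
}
# After import_egos, restart the peer so the identity subsystem rescans.
```

Move the archive over an encrypted channel and delete it on both ends once the import has been checked with `count_loose_keys`.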
