[NZLUG] Privacy server

Martin D Kealey martin at kurahaupo.gen.nz
Thu Jun 20 20:10:25 NZST 2013


> On Tue, Jun 18, 2013 at 03:09:09PM +1200, Tim McNamara wrote:
> > Where is the flood of low-power, adequate CPU, good enough I/O and
> > reasonable RAM ARM servers? These things should be cheap and everywhere.

On Wed, 19 Jun 2013, Robin Paulson wrote:
> well, perhaps instead of going the usual route for jim's suggestion, that
> of a lumbering multi-core x86 somewhere, we go the many ARM boards with
> connected storage route?
...
> if we did it well, of course, we could have redundancy across multiple
> sites - they appear cheap enough to buy several if a group of us get
> together

Take this to its logical conclusion: a large federation of small servers
which *are* on residential ADSL; everything replicated everywhere;
basically, email-over-peer-to-peer-swarm.

Every outbound message would be handed off a number of times within the
swarm before transmission to the target MX; every inbound message would be
replicated across a number of nodes before being "acknowledged", and then
replicated further until eventually the recipient's machine is included in
the replication. The recipient can send signed expungement notices to the
other nodes.

The "public" point is then the signed authoritative DNS; everyone in the
group has rights to update the zone, so they can add themselves, and remove
anyone else who's fallen off the net. Everyone also knows the UDAI keys so
that the authoritative DNS servers can be changed multiple times per day
(every 4 hours for a .nz zone). Everyone knows that the DNS has been
hijacked because they can no longer use their keys to log into the current
DNS server to change its records.

(This idea is a work-in-progress; the basic idea is to minimize the
centralization will maintaining security.)

-Martin


More information about the NZLUG mailing list