On Fri, Jan 22, 2021 at 12:45 AM Christian Huitema <huitema@xxxxxxxxxxx> wrote:
On 1/21/2021 5:02 PM, Phillip Hallam-Baker wrote:
On Thu, Jan 21, 2021 at 2:56 PM Brian E Carpenter <brian.e.carpenter@xxxxxxxxx> wrote:
Putting two things together:
On 22-Jan-21 07:57, Phillip Hallam-Baker wrote:
...
> A ULA->Public key registry provides exactly the right degree of incentive. It allows us to take an area that is currently flaky as heck and make it 'just work'. That area is VPN access.
Yes, but afaik you (or I) can't claim ownership of random numbers. So if my ULA prefix is fd63:45eb:dc14::/48 and I provide a public key for it, what's to stop you using the same prefix and providing your own public key for it?
The registry undertakes to only issue each prefix once and bind it to a public key specified by the holder.
The registry publishes the allocation in an append only log which is attested by a blockchain type technique. So there is (almost) no scope for the registry to defect.How do you protect the registry against a Sybil attack?
-- Christian Huitema
There is a one-time charge of $0.10 per registration. No renewal fees.
So a DoS attack would merely swell the coffers of the not-for-profit Mesh foundation which will pay for development of code, etc.
I am not sure that a Sybil attack is relevant as there is absolutely no accreditation going on here except between the registry and the small set of chosen peer notaries. And they are merely cross notarising. There are no subjective or unconstrained inputs here. Every input is deterministic, the only non determinism comes from timing.
