From mboxrd@z Thu Jan 1 00:00:00 1970 From: ng0@n0.is Subject: Re: Lightning talk at IPFS camp Date: Thu, 13 Jun 2019 21:38:00 +0000 Message-ID: <20190613213800.b3erymawvotgdhyk@uptimegirl> References: <87ef4g2zfq.fsf@ambrevar.xyz> <8cdf8d67-2b98-c6f9-e795-d507207b4e1b@fastmail.net> <87y32ff7w9.fsf@ambrevar.xyz> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:53514) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hbXQN-0003p2-NT for guix-devel@gnu.org; Thu, 13 Jun 2019 17:38:25 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hbXQM-0005VB-8i for guix-devel@gnu.org; Thu, 13 Jun 2019 17:38:23 -0400 Received: from aibo.runbox.com ([91.220.196.211]:59962) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hbXQM-0005Rt-1q for guix-devel@gnu.org; Thu, 13 Jun 2019 17:38:22 -0400 Received: from [10.9.9.212] (helo=mailfront12.runbox.com) by mailtransmit03.runbox with esmtp (Exim 4.86_2) (envelope-from ) id 1hbXQI-0007MK-6t for guix-devel@gnu.org; Thu, 13 Jun 2019 23:38:18 +0200 Received: by mailfront12.runbox.com with esmtpsa (uid:892961 ) (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.82) id 1hbXQ2-0005rk-5F for guix-devel@gnu.org; Thu, 13 Jun 2019 23:38:02 +0200 Content-Disposition: inline In-Reply-To: <87y32ff7w9.fsf@ambrevar.xyz> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org Pierre Neidhardt transcribed 1.7K bytes: > Thank you all for your comments! > > > That sounds like a great opportunity. Guix and IPFS are in my humble > > opinion two of the most interesting ongoing projects in the computing > > world.. Bringing the two together can only make this better. > > My humble opinion is on the same page ;) > > > - A unified way to refer to stuff (I am thinking of IPLD here) > > No more tarballs, git commits, etc. CIDs everywhere. > > Do you have a concrete use case? > > > - A unified storage scheme for all data, both "system" and "user". > > Can you elaborate? > > > I'm not too sure about how human input would be logged, but at the very > least the idea of distributing the store seems amazing. > > In a not so distant future, we could simply distribute the store of > everyone. > So if Alice built qtwebkit locally (at last!), then Bob will be able to > fetch the substitute. There would be no difference between substitute > servers and Guix users connected to the Internet. > > Anonymity should not really be a problem here, and even then it could be > done over Tor. > > Thoughts? Skipping all the rest, my brief comment on the tor point: You don't want to use tor for this. 1) it depends on the country if it is safe at all to use 2) tor has some recent RFCs and/or papers which hint at what we've been talking about for years, tor in its current form does not scale for applications like this (even when the throughput of the servers in the tor network got faster globally). At best make it an opt-in choice, legal reasons and safety considerations of your entire user base / community call for (1) as a reason, but also for (2) because you want to actively work on the relevant RFCs to not make this an annoyance both for you and tor. While some operating systems have the official blessing, I seem to recall (paper notes...) that in no case tor said it is a good decision to sent package manager traffic through it. Since you have no covertraffic, the point for anonymity is moot anyways. What's more, you buy into a couple of more points of authority to trust (in particular directory server operators, their ISPs, and so forth). I leave it up to you to gather the sources, I don't want to provide them right now as it is doable with enough time for yourself to see this is a bad idea. > -- > Pierre Neidhardt > https://ambrevar.xyz/