[vworld-tech] Ultimate MMO Platform

[Crosbie Fitch]

> From: Crosbie Fitch
> But, yeah, if someone writes a virus that can harvest all the 
> private keys then sure, the trust system is effectively 
> reset. :-{   (this wouldn't instantly lose the content, just 
> put all the trust back to zero - briefly).

I should add that this only happens if someone realises that all private keys have been compromised.

Otherwise, identity compromise is detected as each private key is utilised.

There are probably ways to recover identity even in the presence of impostors. If there is a historical log that a node's relations maintain, then it's highly unlikely that the impostor can produce a compatible log. Unless of course, someone took a snapshot of the node in question...  and then it'll just be a race.

Anyway, a private key based identity can be thought of as just a unique name (cos that's what it is), and that any time another node pops up with the same 'unique name', the node has to re-demonstrate its identity/authenticity via a more longwinded process. Just as humans have to do when someone introduces an identical clone (but which only has a small, albeit recent, subset of shared memories).

Of course, there's another problem and that is: "How do you know that two identical nodes aren't actually just a single genuine node that is having its communications maliciously duplicated in order to have it invalidated?". In order to detect duplicate identities one does also need to rely on addressability, i.e. that it is possible to rely on there being one and only one address per node, or rather that if there are multiple addresses or communication paths, that it is possible to determine whether these are equivalent or not.

You know, I bet there'll soon be degree courses in Internetworking Epistemology.