Until now the most I did with the Tubes was an incredible learning experience for a lot about networking stuff, especially things that I probably would not even have looked at otherwise: What DNS zone files contain, a bit about how they work, how to configure a bind9 DNS server. I now better understand how to use wireguard, the configuration was a bit confusing when I set up my own VPN tunnel to my web server. And also a bit about how babel routing works, although that concentrated more on how to set up and configure it. Most of this was of course helped by sundog's and especially kepstin's instructions.
Basically it also feels a lot like we are "creating the internet again", but a lot of the technology is luckily already there. But there are some questions to be answered, e.g. address assignment, how and by whom it is done.
I also got a better idea of iptables (or netfilter respectively) in regard to filtering things on specific interfaces. But that might already give you a slight idea about where we're headed in this, if you were at or watched sundog's presentation about the Tubes, which was recorded and has already gathered some 20 views. In the talk he lays out some reasons for starting the Tubes in the first place:
Something he later points out when talking about DN42 is this: "If you look at the trust model, I am sure all of you see that it is only one step below a fully public network at that point, if all that you have to do is say 'Yeah, give me a number and a subnet allocation and hook me up to these thousands and thousands of people.'" He meant this to contrast with how the Tubes is set up, but when I look at how I got into the Tubes I have to wonder: All I did is type "yell" in the chat after the talk above was over and sundog handed me a "number and subnet allocation". There is nothing different from DN42, except it was a lot easier and I got instructions right away which was really nice.
I think you can see that there are some problems with that. But the real question is how to make it better. And that is also something sundog pointed out himself on info.sundogistan:
- how do we, as peers forming a private network, decide who else to accept as peers? is it cool if I peer with somebody and, in doing so, expose the rest of y'all to someone you don't know? that doesn't seem cool on the surface. at the same time, adding a bunch of formalization to what's been pretty informal so far also doesn't seem cool on the surface. so, I'm torn on this one.
I think we might have to establish some base rules, I will propose some that I would like here. I have numbered them for convenient reference.
I really liked the "got in at the door" metaphor, so I think we should continue on that a bit:
1) There is a door and people are required to go through it to join the party. This would be the first rule: No traffic flowing into the Tubes willy nilly.
2) There is a fundamental property that usual everyday doors possess: I would be able to find that door in a certain place. And I would then be able to see if and who gets in through that door. But that only works if there is a singular door, with multiple doors it gets complicated. On the other hand having a singular point of entry would place some restrictions and strains on someone. This is not good. But I would still like to keep the property of knowing if and who passes through the door. Thus my second rule: I want to know when someone enters the Tubes.
That raises another question though: How should this be announced? There are multiple possibilities. Continuing "pulling existing technologies off the shelf" a mailing list would be an idea, but doesn't sound very practical. A better idea might be RFC 4287 - The Atom Syndication Format, but I don't know how easy that would be to maintain. When sundog comes around to allowing write access to a website that would probably be a good idea, but keeping a backup with accountable edits in a git repo or something would also be a good idea. Note that I am already trying to track DNS zone information on a public-within-the-Tubes git repository that also contains some tooling. So that participants repository might contain some contributed script to generate an Atom feed.
3) "had their ID checked", this is very interesting. What kind of ID do we require to enter the Tubes? If we wanted to be inconsiderate we could just say people have to provide some legal ID. But there are manifold problems with that, the least being verifiability of a picture of an ID card. I don't want to create double standards compared to how I joined.
Let's take a step back for a bit and think about why (some) people are not always malicious away from the keyboard or offline? (Not saying "offline" here because that would imply the Tubes are not real.) I think a prime factor is just accountability. If I can see that someone is stealing my car and that someone is you, I can confront you directly or at least try to get hold of you afterward by another method (for example criminal investigation). But online I can not generally do that, which is not necessarily a bad thing. But if we want to establish trust within the Tubes, we ought to have some accountability.
Coming back to the Tubes, we already have some accountability once a person is inside the network, because when the address was assigned, the participant number was linked to a name. But as Goethe's doctor Faustus said "... Gefühl ist alles;/Name ist Schall und Rauch,/Umnebelnd Himmelsgluth." - "... Feeling is all:/Names are sound and smoke,/Veiling Heaven’s bright glow." A name alone does not mean anything. Thus the third rule: There should be something to tie a person to.
What exactly would be something you can tie a person to requires further discussions. I would propose that an account on the fediverse might be something, given it has some actual content in it, i.e. is not less than a week or so old. But there are still some pitfalls to consider about this, there can not be a hard rule, merely generally acceptable standards. Of course if people wish to do so, they may share some legal ID, but as mentioned before that might not actually prove anything.
I do not expect these exact rules to be enforced, but some more discussion about them would be appropriate.
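An added example, not code from the author or from the Tubes repository: one way a script in a participants repository could turn join records into an RFC 4287 Atom feed for rule 2, refusing any record that lacks the "something to tie a person to" of rule 3. The record fields (`number`, `name`, `joined`, `contact`, `admitted_by`), the feed id and all sample values are assumptions made up for the illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

ATOM_NS = "http://www.w3.org/2005/Atom"
FEED_ID = "tag:tubes.example,2021:participants"  # placeholder tag URI (assumption)

# Constructed sample records; every number, name and URL is a placeholder.
PARTICIPANTS = [
    {"number": 7, "name": "alice", "joined": "2021-03-20T18:00:00Z",
     "contact": "https://social.example/@alice", "admitted_by": "bob"},
    {"number": 12, "name": "carol", "joined": "2021-04-02T09:30:00Z",
     "contact": "https://fedi.example/@carol", "admitted_by": "alice"},
]
REQUIRED = ("number", "name", "joined", "contact", "admitted_by")


def joined_at(record):
    """Parse the UTC join timestamp; raises ValueError if malformed."""
    stamp = datetime.strptime(record["joined"], "%Y-%m-%dT%H:%M:%SZ")
    return stamp.replace(tzinfo=timezone.utc)


def build_feed(participants, feed_id=FEED_ID):
    """Return an Atom document with one entry per participant, newest first."""
    for record in participants:
        missing = [key for key in REQUIRED if not record.get(key)]
        if missing:  # rule 3: no entry without something to tie the person to
            raise ValueError(f"record {record.get('number')}: missing {missing}")
    if not participants:
        raise ValueError("atom:updated needs at least one join to date the feed")
    ordered = sorted(participants, key=joined_at, reverse=True)

    ET.register_namespace("", ATOM_NS)  # serialize Atom as the default namespace

    def el(parent, tag, text=None, **attrs):
        node = ET.SubElement(parent, f"{{{ATOM_NS}}}{tag}", attrs)
        node.text = text
        return node

    feed = ET.Element(f"{{{ATOM_NS}}}feed")
    el(feed, "id", feed_id)
    el(feed, "title", "Tubes participants")
    el(feed, "updated", ordered[0]["joined"])  # newest join dates the feed
    for record in ordered:
        entry = el(feed, "entry")
        el(entry, "id", f"{feed_id}:{record['number']}")  # stable per participant
        el(entry, "title", f"Participant {record['number']} ({record['name']}) joined")
        el(entry, "updated", record["joined"])
        el(el(entry, "author"), "name", record["admitted_by"])  # who opened the door
        el(entry, "content", f"Contact: {record['contact']}", type="text")
        el(entry, "link", rel="related", href=record["contact"])
    return ET.tostring(feed, encoding="unicode")
```

Because entry ids are derived from the participant number, regenerating the feed from the repository after each commit keeps existing entries stable and only adds the new arrival.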
discussion is welcome under this Mastodon post
recording of sundog's talk about the Tubes
info.sundogistan (only available inside the tubes, therefore the full quote was reproduced here)
J. W. von Goethe's Faust part 1 in German on wikisource.org, the quote is from ll. 3456-3458
an English translation of the above by A. S. Kline, the quote is from ll. 3456-3458