On Wednesday 24 Jul 2013 22:42:58 Robert Hailey wrote: > > On 2013/07/24 (Jul), at 3:21 PM, Matthew Toseland wrote: > > > At present once you are connected to a peer, it can change its name. So it > > can e.g. impersonate your other peers. This is not easily detectable > > because of character set issues (there are lots of characters that look > > like "o" with different unicode code points, for example). > > > > IMHO we need to *confirm the node name* as part of exchanging noderefs. > > This *should not then change* - at least not without local confirmation. > > The node can call itself whatever it wants, but we'll always show the name > > it was added as, unless the local user accepts a change. > > Or else we can highlight in red any names that contain high-byte unicode > characters (i.e. fair warning).
No, it's not that easy. People may have legitimate reasons to use these characters, e.g. because the names are in other languages. Also, the other node (with duplicate name) may not be obvious e.g. because it is disconnected.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
