[GSoC] GNUnet binary distribution system

[Pierre-Antoine Rault]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Guix,

I've been lurking and tweaking for some time now on #guix and have found
Guix to be of much interest. Recently hydra has come offline and i've
understood the need of a decentralized network (or at least some
redundancy) for a the binary distribution.
That is why I would like to apply as a GSoC student working on P2P
exchange of trusted signed binaries, hence the implementation of GNUnet
within Guix.

Having worked with libtorrent and kademila, i am quite familiar with dht
and P2P, and I think GNUnet shouldn't be much difficult to adapt to. I
am thus reading info about GNUnet, but I already have some features in
mind (not sure if redondant with other messages posted before):
* As said by Andreas Enge, users should all be able to share packages
themselves, provided they can cryptographically sign their binaries.
They would deploy a node (a personnal node) using a local deamon (could
be by passing a command to guix-daemon which would handle the task). The
local daemon would contact a list of known nodes (contained in a
mirrorlist) and send them hashes with their corresponding signature.
* Users should be able to trust a node. That would not mean trusting all
providers for all hashes recursively, but rather trust those trusted by
the node in cascade. Thus a distinction beetween trusted pairs and
trusted node pairs should be done.
* I think we should focus on ease of use, since it could become a good
alternative to setting up a full fledged server to share officially
supported packages and unofficial ones (like the AUR for Archlinux).

I still need to discuss my ideas about privacy, as I don't know what has
been said about it yet. Any comments appreciated :)

My Scheme level isn't high, but I'm learning Geiser/Paredit at the
moment and reading the docs thoroughly.

- - rigelk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTHgd2AAoJEHfJ0QE7gLd6j+oH/3f5LVoRxrkq+fvPJBBYbDq/
CHkIS3YEEnSYqznfmzLKifbrugUchjxyQE7KeyT079HnF6eJyU3AwlQVEB4Kr2qt
TcUj1Ep4dps2h0C/tphvR8W4xcVc3irGKvTJ4eeK6TzA8nOhTbCyit1hMNNa7OWR
aGzmNwwg+01jJoyt5L0HVy6TVofmu5tAUc0UEwtTgz7JoGSvlAudzk+nFV9Ef4Hy
tq5zDPRpW0726Wo+JFJxKFCgl+SYvZL7gpYpGX0rL3lXaGy3mhh7WhABqusorkev
+PvlLoWFyQxS5jgrZn2g/HlKproOTYPnwphlLRDLGDHlg2RLqRkgpJKTzOu5FMk=
=qaQ/
-----END PGP SIGNATURE-----