[Haskell-cafe] hackage is down.

Shelby Moore shelby at coolpage.com
Sun Nov 1 22:57:55 EST 2009


Opportunity cost minimization problem:

>> No no no!  Why not download the normal (signed) cabal list from the
>> DHT (and optionally directly from hackage.haskell.org)?  These are all
>> the packages that would appear on the website.  Why serve any other
>> content?  All nodes in the DHT may check and make sure the file (or
>> fragment) being served is properly signed.
>>
>> Any desire for popularity or tagging capability should be separate.
>>
> Because single single hackage private key can be bruteforsed or stolen
> far easier than lots and lots keys of random people.
>
>
>
>>> + User maintains list of trusted people's open keys, in order to
>>> validate authenticity and see trusted ratings.
>>
>> This would need further explanation, but in general I'm against
>> requiring user interaction on this level.
> You choose who's moderating packages for you. Some well-known community
> moderators and your trusted friends. If no one rated package yet, then
> you download and rate, so people who trust you can make decision based
> on your rate.
> Kind of social network.

In short, P2P introduces non-determinism.  Non-determinism is natural law
and otherwise order is not permanent (e.g. ends in non-composability,
errors, vulnerabilities, etc):

http://www.haskell.org/pipermail/haskell-cafe/2009-November/068432.html

What is needed is some way to set up upper bound to the level of
non-determinism in some useful domain:

http://www.haskell.org/pipermail/haskell-cafe/2009-October/068382.html
(space determinism in Haskell)

Which are really opportunity cost minimizations:

http://forum.bittorrent.org/viewtopic.php?id=28
(my architectural comments about BitTorrent free loading)

http://goldwetrust.up-with.com/technology-f8/computers-t112-15.htm#2189
(long winded, not so coherent brainstorming)


More information about the Haskell-Cafe mailing list