| 2 Nov 06:03 2009

Re: hackage is down.

Untenable for many "corporate" users administratively prohibited from running any P2P software. First
really creative use of a DHT I've seen in 6 years, kudos.

------Original Message------
From: Shelby Moore
Sender: haskell-cafe-bounces <at>
To: haskell-cafe <at>
ReplyTo: shelby <at>
Subject: Re: [Haskell-cafe] hackage is down.
Sent: Nov 1, 2009 19:57

Opportunity cost minimization problem:

>> No no no!  Why not download the normal (signed) cabal list from the
>> DHT (and optionally directly from  These are all
>> the packages that would appear on the website.  Why serve any other
>> content?  All nodes in the DHT may check and make sure the file (or
>> fragment) being served is properly signed.
>> Any desire for popularity or tagging capability should be separate.
> Because single single hackage private key can be bruteforsed or stolen
> far easier than lots and lots keys of random people.
>>> + User maintains list of trusted people's open keys, in order to
>>> validate authenticity and see trusted ratings.
>> This would need further explanation, but in general I'm against
>> requiring user interaction on this level.
> You choose who's moderating packages for you. Some well-known community
> moderators and your trusted friends. If no one rated package yet, then
> you download and rate, so people who trust you can make decision based
> on your rate.
> Kind of social network.

In short, P2P introduces non-determinism.  Non-determinism is natural law
and otherwise order is not permanent (e.g. ends in non-composability,
errors, vulnerabilities, etc):

What is needed is some way to set up upper bound to the level of
non-determinism in some useful domain:
(space determinism in Haskell)

Which are really opportunity cost minimizations:
(my architectural comments about BitTorrent free loading)
(long winded, not so coherent brainstorming)
Haskell-Cafe mailing list
Haskell-Cafe <at>

Sent from my Verizon Wireless BlackBerry
Haskell-Cafe mailing list
Haskell-Cafe <at>