Of Bittorrent & Publisher Signatures

As Bittorrent becomes more and more distributed over time I become more and more concerned about the loss of the publisher’s identity. Now a few Bittorrent clients have the ability to search for .torrent files over DHT. This completely removes the publishers identity form the torrent and leaves the user to guess about where the .torrent came from and whether it is legit.
Something I would suggest is to use a PGP/GPG key to sign the info section of the .torrent file. The resulting signature could then be embedded into the .torrent file as a signature section. Then any client that has the publishers public key and a supporting client would be able to prove with a high degree of certainty where the .torrent originated.
This would be a very user friendly way to sign .torrent files, and would also be compatible with non supporting clients and intermediary software since only the info section needs to be maintained to ensure function of the .torrent file. Any software that doesn’t support the use of signatures can simply ignore or even delete a signature section of the .torrent file and clients would still be able to open the .torrent and download the content.
Trackers and indexers could also support the use of signatures. I would like to be able to search by signature ID, and see signature IDs or UIDs on torrent summery pages.

I’m not sure if I would implement this myself since the field is already rich with clients; if I made a client just to test this idea it would not be able to compete with the likes of uTorrent and Vuze. However, if I did persue implementation on my own it would likely first take the shape of a real specification for how signatures are to be embedded into the .torrent files, and then possibly a simple application that would sign and validate .torrent files.


~ by lunaticexperimentalist on November 15, 2008.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: