SubverseIM / Subverse.NET

An example implementation of the Subverse Network written in C# .NET for Core v8.0+
https://subverse.network
The Unlicense

[feature/web] Implement Web-based Bootstrapper API #5

Closed SubverseIM closed 6 months ago

SubverseIM commented 7 months ago

The Subverse Network needs an open, standardized, and easy way to integrate "bootstrapper nodes" into the Network.

We envision a Web-based REST API that operates over a single entity type: Servers.

  1. This API should keep a non-permanent log of the ip:port pairs that have most recently "pinged" the bootstrapping service.

  2. Additionally, the API should allow clients to access the most recent entries in this log, in the interests of bootstrapping those clients as members of the larger Subverse Network.

  3. The API should maintain a whitelist of Servers that it trusts to use the service appropriately; consider using PGP authentication to aid this process.

  4. Calls from clients that cannot prove their membership within the whitelist must be canceled or disregarded at the first sign of distrust.

Consider implementing the following endpoints into this API service (body of each POST should be the public key of the calling Server):

Discussion under this issue should be focused on potential implementation issues and security implications of using such a service to bootstrap the Subverse Network.
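One way requirements 1 through 4 above could fit together, as an added example that is not part of the issue or of the Subverse.NET code base. The names `BootstrapLog`, `Ping` and `Recent` are hypothetical, ECDSA P-256 over a SubjectPublicKeyInfo blob stands in for the PGP authentication the issue suggests, and the challenge is assumed to be a fresh nonce the service issued to the caller; no HTTP routes are shown because the issue's endpoint list is not reproduced here.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Security.Cryptography;

// Hypothetical names throughout. ECDSA P-256 stands in for PGP (assumption), and
// `challenge` is assumed to be a single-use nonce the service handed to this caller.
public sealed class BootstrapLog
{
    private readonly HashSet<string> _allowed;   // fingerprints of whitelisted Server keys
    private readonly TimeSpan _ttl;              // entries older than this are not served
    private readonly Dictionary<string, (IPEndPoint Ep, DateTimeOffset Seen)> _log = new();
    private readonly object _gate = new();
    public BootstrapLog(IEnumerable<string> allowed, TimeSpan ttl) =>
        (_allowed, _ttl) = (new HashSet<string>(allowed), ttl);

    public static string Fingerprint(byte[] spki) => Convert.ToHexString(SHA256.HashData(spki));

    // Requirements 3 and 4: return the caller's fingerprint, or null at the first failed check.
    private string? Authenticate(byte[] spki, byte[] challenge, byte[] signature)
    {
        string fp = Fingerprint(spki);
        if (!_allowed.Contains(fp)) return null;              // unknown key: stop before any crypto
        using var key = ECDsa.Create();
        try { key.ImportSubjectPublicKeyInfo(spki, out _); }
        catch (CryptographicException) { return null; }       // malformed key material
        return key.VerifyData(challenge, signature, HashAlgorithmName.SHA256) ? fp : null;
    }

    // Requirement 1: log the endpoint observed on the connection, never one the caller supplies.
    public bool Ping(byte[] spki, byte[] challenge, byte[] signature, IPEndPoint observed, DateTimeOffset now)
    {
        if (Authenticate(spki, challenge, signature) is not string fp) return false;
        lock (_gate)
        {
            foreach (var k in _log.Where(e => now - e.Value.Seen > _ttl).Select(e => e.Key).ToList())
                _log.Remove(k);                               // non-permanent: expired entries go
            _log[fp] = (observed, now);                       // one slot per key, re-pings overwrite
        }
        return true;
    }

    // Requirement 2: the most recent live entries, newest first.
    public IReadOnlyList<IPEndPoint> Recent(int max, DateTimeOffset now)
    {
        lock (_gate)
            return _log.Values.Where(e => now - e.Seen <= _ttl)
                .OrderByDescending(e => e.Seen).Take(max).Select(e => e.Ep).ToList();
    }
}
```

Keying the log on the fingerprint bounds its size by the size of the whitelist, so a trusted Server cannot flood it; the caller is responsible for issuing each challenge once and discarding it after use.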

IsaMorphic commented 7 months ago

One should consider the potential here for pervasive monitoring as an attack on the Network and its users. Though yes, solutions exist already to anonymize the IP protocol, such as IPsec and Tor, most people wanting to spin up a VPS or cloud instance to host one of these bootstrapper nodes don't have the access required to install these solutions properly on their host (much less anyone non-technical wanting to connect to these hosts).

As a result, the Subverse Network is likely to function as its own independent overlay on top of the open Internet, much like the Mainline DHT network of BitTorrent. Pervasive monitoring is used by ISPs to attack BitTorrent users by detecting DHT and seeding traffic coming from consumer-facing IP addresses. Given this existing practical scenario in which pervasive monitoring techniques such as IP sniffing are used to attack DHT-like traffic, what are ways that we, as designers, can mitigate the potential for these attacks to breach the privacy of our own users?

One strategy already suggested above includes using whitelisting and decentralized PKI to enforce a boundary of trust around each bootstrapping node. However, this still does not prevent techniques such as DNS sniffing from pinpointing these nodes and their users in a systematic way. It's worth considering, then, a way to "mask" the kinds of traffic that ISPs might attempt to sniff out in relation to DHT/bootstrapping activity.

Is it outside the realm of reason to implement a DNS service within the Subverse Network?