freelan-developers / freelan

The main freelan repository.
http://www.freelan.org

Use bittorrent trackers/DHT for peer discovery #35

Open wrouesnel opened 10 years ago

wrouesnel commented 10 years ago

To provide for casual P2P VPN discovery, some sort of global rendezvous server is needed. Probably by far the biggest network providing this type of function is the network of BitTorrent trackers + the Mainline DHT Kademlia implementation.

The idea here is that a new contact mode called "bittorrent" could be added to Freelan to take advantage of this to do peer discovery and CA distribution.

Each freelan node would boot itself up as a BitTorrent client, loading either a torrent file or magnet URI that would point to the public CA certificate for a network. Each node then joins the network by downloading or seeding the CA certificate for other nodes - this allows new nodes to acquire the CA, and existing nodes to hole-punch through to other peers.

Remotely adding nodes could then be accomplished by a node sending a certificate signing request to the freelan network, which can then be signed by whoever holds the CA private key.

This allows a P2P mode of operation for doing key exchange without needing to use OpenSSL PSK and which solves the bootstrap problem of casual users needing at least 1 peer with a direct internet connection and reliably known hostname.
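
The proposal above makes the magnet URI the trust anchor for the network's CA certificate, so a joining node has to check whatever bytes the swarm delivers against the infohash it was given. The sketch below is an added example, not part of the original comment and not freelan code: it builds the BitTorrent v1 single-file info dictionary for a certificate, derives the infohash and magnet URI, and rejects a candidate certificate that does not reproduce the pinned hash. The file name, piece length, hex-only magnet parsing and the sample certificate are assumptions made for the example.

```python
import hashlib
import hmac

PIECE_LEN = 16384   # assumed piece length, fixed by convention in this example
NAME = b"ca.crt"    # assumed file name inside the torrent
MAGNET_PREFIX = "magnet:?xt=urn:btih:"

# Constructed sample data, not a real certificate.
SAMPLE_CA = b"-----BEGIN CERTIFICATE-----\nconstructed-example\n-----END CERTIFICATE-----\n"

def bencode(obj):
    """Minimal bencoder (BEP 3) for ints, byte strings, lists and dicts."""
    if isinstance(obj, int):
        return b"i%de" % obj
    if isinstance(obj, bytes):
        return b"%d:%s" % (len(obj), obj)
    if isinstance(obj, list):
        return b"l" + b"".join(bencode(x) for x in obj) + b"e"
    if isinstance(obj, dict):
        # Keys are byte strings and must be emitted in sorted order.
        return b"d" + b"".join(bencode(k) + bencode(obj[k]) for k in sorted(obj)) + b"e"
    raise TypeError(type(obj))

def infohash(cert: bytes) -> bytes:
    """SHA-1 of the bencoded single-file info dict describing `cert`."""
    pieces = b"".join(hashlib.sha1(cert[i:i + PIECE_LEN]).digest()
                      for i in range(0, len(cert), PIECE_LEN))
    info = {b"length": len(cert), b"name": NAME,
            b"piece length": PIECE_LEN, b"pieces": pieces}
    return hashlib.sha1(bencode(info)).digest()

def magnet_uri(cert: bytes) -> str:
    """Magnet URI that pins the network's CA certificate."""
    return MAGNET_PREFIX + infohash(cert).hex()

def accept_ca(magnet: str, candidate: bytes) -> bool:
    """Accept a certificate received from a peer only if it reproduces the pinned infohash."""
    if not magnet.startswith(MAGNET_PREFIX):
        return False
    pinned_hex = magnet[len(MAGNET_PREFIX):].split("&", 1)[0]
    try:
        pinned = bytes.fromhex(pinned_hex)
    except ValueError:
        return False
    return len(pinned) == 20 and hmac.compare_digest(pinned, infohash(candidate))
```

A v1 infohash is SHA-1, so the pin is only as strong as SHA-1; BitTorrent v2 (BEP 52) uses SHA-256 instead.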

leggewie commented 9 years ago

#54 and #35 discuss the same thing

ThibaultLemaire commented 7 years ago

I believe Tox uses a similar bootstrapping technique to connect its users.