Today I realized what Q2Q is. It is a (I swear, this just came to me, I was
not even trying to make it sound like anything) Self-Certifying Remote
Endpoint Authentication Mechanism, or "SCREAM".
A SCREAM in this sense is a mechanism whereby connections are authenticated
by cryptographic means, and where the handshake includes information
identifying the connector to an arbitrary level of precision (in Q2Q's case,
via the SSL certificate that the connection is authenticated with).
It is self-certifying because the connection identifies itself, via both
an in-band nonce and TLS. All security is transport security.
It refers to a remote endpoint, which is the other end of a networked
communication. It identifies not only the user, but their agent, and
optionally the capabilities and permissions of their agent.
It is an authentication mechanism because you use it to prove that
your connection is authentic.
Also, Vertex will blow a hole in your NAT device the size of a watermelon:
no kidding. Vertex is the Divmod implementation of Q2Q. We really
want Q2Q to become a standard, so we are making a big deal out of the
separation between product and protocol.
(I really feel like there are some uses for this thing that I've missed. I
really hope I have enough time to work on it in the next 6 months to see
something through to fruition: other, less focused, worse P2P and identity
solutions are starting to get some traction, and it bothers me.)