On Wednesday 22 May 2013 22:57:36 Zwiebelcode wrote: > > Hi freenet developers, > > Opennet is still alive and people want it. The theory behind darknet is, > that you can trust your friends (or at least you know, that your friends > are not automated bots) and add them in freenet. In opennet you dont > have to know people in real life. In opennet, an attacker can start > multiple nodes and try to observe the users. I am sure, this can be solved. > > I am working on open-ident, which will be a software, which users can > use to identify each other. Normally, users identify each other with > gpg-keys, passwords or whatever. But i want to create a identification > system that could be used like a passport. People then can have > electronic *unique* identities. This can be done without trusting a > central organisation or server. > > In the "normal" world, people use the governments passports to create > unique identities. But the past has shown, that the bad guys are able to > fake passwords. So we need a more secure identify-system. I suggest > open-ident. > > Open-Ident could be useful for securing up opennet. Opennet can use > open-ident to make sure, that all opennet users are really different > real-life-persons. When you then add tunnelling, then you have very very > strong security!!! > > > This is a shortened description how open-ident will work: > A users connects to an untrusted central server and requests for an > assurer-contact. The user physically goes to several (randomly assigned) > assurers and gives his fingerprint- and/or iris-scan to them. Then the > fingerprint-data is signed and send back to the server. After that, the > user gets a certificate, which proves, that his public key is a unique > real-life-person on that server. > > Currently, i try to implement this with the use of opentransactions. But > i am still not 100% sure if this is the best way. Maybe a stanalone app > would be better... It initially looked so easy because of their > ready-to-use blinded-token-coins which i could use in later steps to > anonymize the hole thing... > > Open-ident will not only be interesting for anonymizing systems, but > also for market platforms similar to ebay,... Because people can not > login twice on one market > > Comments?
If you can create a system that allows us to beat Sybil, that is, to ensure that getting a new identity is expensive for an attacker without greatly inconveniencing regular users, that would be revolutionary for more things than Freenet. For example, it would have a huge impact on spam prevention. It would eliminate the need for CAPTCHAs on website account creation, and so on. However, I have my doubts, as you are effectively creating a global, public, biometric ID database. You will need to store the biometric ID's to prevent duplicates. Also, how do you ensure trust in the assurers? You should look into existing systems that use a similar model, notably CACert: http://www.cacert.org/ IMHO this is unrealistic for the same reason that the GPG web of trust and CAcert aren't used much outside of the geek-who-regularly-attends-conferences subcommunity. It requires interaction with real people. It requires travel most of the time. In other words, it's inconvenient and expensive. And it will probably be seen as jeopardising privacy - certainly it has much more privacy impact than freenet darknet does! But good luck, it might just work...
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
