-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 23.05.2013 19:33, schrieb Matthew Toseland: > What prevents the bad guy from adding 1000 evil assurers? How do you know > they even exist as independant identities? Only persons which go itself though the assurer process can do the assurer-role. The first (system-bootstrap) assurers assure eachother and this initial process has to be well documented for the public community.
For example: If 99% of the initial assurer are evil, then the system is definately failing. If only 70% of the initial assures are evil, then the system will not fail, because an attacker can not chose to use the evil assurers. So they have to bruteforce. It can be meassured how often potential users abort the assurer process after going to the first or to the second assurer. A high bruteforcing rate is an indicator that there is a high bad-assurer percantage, which means, that people should not rely on the system anymore. Maybe it is not 100% clear what i mean, but i could make a verbose document about this, if you are interessted. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQEcBAEBAgAGBQJRnl/pAAoJEFCTkZ2uNzgr/50IAKpp9LfmZEXcF03JQTIgxKML gKdn6iU/zLQBJsrMdnBJimdXezHZDZj+1Nmb7utL+t6uOt4TjQn//BT3y/nS+Qb7 q3ABAe8/QLY7BGevcE8uX8mL+YnPE0cG1rjLb6p6Q1qLCMUeORTOinjvdI8dvmMx CA9PSAEeZ2jdXonBE9x95o7vQOqqrRh0JE08nFr1l9bdbP7cski8ZoInqJ3dMQPw i87li9LVe6HB3QHttGgH6J6o5jVXZOzxkwR+86Q4xFhNlYSdj02LqCKrzcMK4+jO l539C+4Vss6VQmp+wiYC3kTILkYmWiUxkUukIgA+UyYmWltINgJaG0pTa0EQtEE= =WXmy -----END PGP SIGNATURE----- _______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
