On Fri, Nov 15, 2002 at 01:54:40AM +0000, Matthew Toseland wrote: > On Thu, Nov 14, 2002 at 05:46:20PM -0800, Ian Clarke wrote: > > On Thu, Nov 14, 2002 at 08:08:14PM -0500, harik at chaos.ao.net wrote: > > > The same way you keep your PGP key secure. Don't Share. > > > > Trust me, a half-motivated government or powerful organization could get > > your PGP key very easily. Break into your house, install a bug in your > > keyboard, or a modified version of GnuPG, and the next time you enter > > your PGP password, they have it. The only thing that stops them is that > > there probably isn't a good reason, but if Freenet really started to > Plus, it's probably easier to get in electronically. This drops the > threshold significantly. > > take off - there would have more than enough motivation to do this to > > one of the Freenet developers. > > > > > I'd suggest Web-of-Trust. Either internal to freenet or using PGP > > > keyservers. Sign a .JAR with a short-expiration key (on the order of > > > weeks or months) Sign that key with Ian's key. (Cross signed with > > > Oskar, Matthew, etc) Now we have a distribution key, known to one > > > person (The "distribution officer") with a short duration. > > > > And what happens when (not if - WHEN) our well-motivated opponents get > > my private key? > Freenet is dead already in the presence of well motivated rich > opponents (electronically, illegally: map all the nodes, DoS; > legally/legislatively: get a judgement or a law that freenet is an evil > illegal filesharing tool). But we shouldn't be adding new vulnerabilities :).
If you guys want to be super paranoid about this, we can use a secret-sharing scheme or just multiple signatures, but store the private keys on physical security tokens (such as http://www.ibutton.com). Scott -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20021114/a0281c27/attachment.pgp>
