Hey, it's been a while so I'm sorry if this has already been discussed. Hadn't seen it in the archives
I wanted to bring up the subject of Convergence.io as it fits in with Tor. Details here: http://convergence.io/ The short version of it is that it's a replacement to the current CA system. Instead of relying on a single entity for validation, it applies a web-of-trust style validation process. For example, you would install a bunch of trusted notaries into your browser so that when you visit an SSL enabled site, the certificate is validated between all of them so that you hopefully come to a consensus (or at least a majority) about the authenticity of that cert. There's a lot more to it but you can read about it yourself. My thought is that if implemented correctly (which it's currently not), this could get more people to enable SSL on their sites with their own self signed certificate thereby making Tor browsing more secure. Secondly, hosting notaries as hidden services may be a good way to implement this on the Tor network. Also it seems like Moxie is attempting to implement some of the same infrastructure paradigms that Tor has already so I wonder if anything can be applied that Tor already has learned. Moxie's talking about Convergence: http://www.youtube.com/watch?v=Z7Wl2FW2TcA @ _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
