prove decentralization creates vulnerability to a larger degree than centralization
On Mon, Nov 24, 2014 at 2:57 AM, Gregory Maxwell <[email protected]> wrote: > On Mon, Nov 24, 2014 at 1:07 AM, > <[email protected]> wrote: > > I have carefully checked trac and torproject.org website for proposals, > > seen many interesting ones but not a single one to decentralize the Tor > > network from the direcotry authorities. There are many ways to accomplish > > this apparently, and it's the only way to guarantee full independence and > > anonymity. > > > > Are there even plans to make this change? Or the current system which > > offers full control for few people seams good enough to you? > > It's far from clear to me that substantially stronger decentralization > is practically possible for this application; at least not without > additional assumptions and exposure to new and concerning attack > vectors. > > I think a better short term goal would be improving review and > auditability... which I think can be done. E.g. better tools for > providing convincing evidence that the directory authorities are not > misbehaving, and additional protections against misbehaving, better > automatic handling should authorities misbehave. (E.g. making it so > that authority signing is moved into a HSM which at least enforces the > constraint that only a single signature will be given for a particular > time period, or the like; making proof of a misbehaving authority > forever ban that authority, beyond a threshold misbehaving should shut > down the network until manually overridden, etc.). > -- > tor-talk mailing list - [email protected] > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- Cari Machet NYC 646-436-7795 [email protected] AIM carismachet Syria +963-099 277 3243 Amman +962 077 636 9407 Berlin +49 152 11779219 Reykjavik +354 894 8650 Twitter: @carimachet <https://twitter.com/carimachet> 7035 690E 5E47 41D4 B0E5 B3D1 AF90 49D6 BE09 2187 Ruh-roh, this is now necessary: This email is intended only for the addressee(s) and may contain confidential information. If you are not the intended recipient, you are hereby notified that any use of this information, dissemination, distribution, or copying of this email without permission is strictly prohibited. -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
