Hi List :)
Paul Syverson:
You may want to take a look at https://blog.torproject.org/blog/life-without-ca
What about the Perspectives addon? http://www.cs.cmu.edu/~perspectives/ (or http://perspectives-project.org/ where it redirects me) and the talk "BlackHat USA 2011: SSL And The Future Of Authenticity" https://www.youtube.com/watch?v=Z7Wl2FW2TcA
[CW]ould you recommend using it? (e.g. in conjunction with Certificate Patrol)
I have the impression, there aren't that many people regularly using (and relying on) it.
But probably, it could be interesting to (1) have a notary as a hidden service and/or (2) as normal (outside tor) server that does the queries through tor. If in addition, (3) the Perspectives user uses tor for the queries, (s)he hides his identity from the notary.
Purpose of (1): Hide the notary to make it harder to MiM it. Purpose of (2): Randomly* change the perspective of the notary as it views through the exit.
For (2): - On the other hand, the "quality of results" then depends on the number of exit nodes and the probability to choose different exits (with high bandwidth exits being chosen more frequent by tor(?)). - Effectively, this would be the same as without Perspectives and using tor to retrieve the SSL certificates, though it would require multiple exit node changes and queries to get multiple views.
I have to admit, that I'm not knee deep into these topics, so consider these just as some unqualified thoughts... -- n