On 2014-11-07 16:08, Kevin de Bie wrote:

>With that in mind, he does raise a valid point.  Are there any plans to move
>to a more decentralised model for the directory authorities?  Are their any
>plans to move the power to blacklist nodes out of the hands of the Tor Project
>and into the hands of its users somehow.
 
This is pretty interesting point, but then i'm personally not really interested in having any control over the actual blacklist. I'd feel plenty comfortable with just insight into what is blacklisted, for what reason and if possible some evidence to support this reason. Giving control to "the people" isn't always a good thing either as even in TOR circles there'd be people that can't deal with having power on any level. Transparency is probably the word I was looking for to use.
I didn't fill in contact information on my fresh tor relay simply because the app I use doesn't allow me to. (my tor relay runs on an Ouya, therefore android) Regardless of the absence of contact information the reason I run the relay are in line with the reasons why TOR exists.
 

2014-11-07 22:35 GMT+01:00 Derric Atzrott <datzrott@alizeepathology.com>:
> How does one establish trust online though? Trust is a very delicate thing. A
> system such as this simply inherently has these challenges. Pretty sure that
> is why the tor browser for example always uses https.

Indeed, both the centralised and decentralised systems that are currently in
place have major issues.  Within centralised systems like the Certificate
Authority system we see corruption (have you seen their fees) and we must
trust them to actually verify identities and to remain secure, something
at least a few CAs have proven that they can't do.  Then we also have to
trust our vendors to provide default lists of CAs to trust that are in
fact worth of our trust.

Within decentralised systems like PGP we have to worry about the network
effect, and making sure that people understand what they are actually doing,
again we worry about whether or not we can trust our friends, and whether or
not we can trust their friends.

Trust is probably one of the hardest problems facing folks using the Internet.

With that in mind, he does raise a valid point.  Are there any plans to move
to a more decentralised model for the directory authorities?  Are their any
plans to move the power to blacklist nodes out of the hands of the Tor Project
and into the hands of its users somehow.

I'm not exactly sure how either of those would be accomplished, but I'm sure
there is a clever solution somewhere.

Thank you,
Derric Atzrott

_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Trust can also be purchased indirectly. The operator you began trusting could hand over the keys for a price.