[tor-bugs] #7523 [BridgeDB]: Decide whether reputation should be tracked between accounts
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 20 01:13:43 UTC 2012
#7523: Decide whether reputation should be tracked between accounts
----------------------+-----------------------------------------------------
Reporter: aagbsn | Owner:
Type: task | Status: new
Priority: normal | Milestone:
Component: BridgeDB | Version:
Keywords: | Parent: #7520
Points: | Actualpoints:
----------------------+-----------------------------------------------------
From https://svn.torproject.org/svn/projects/design-
paper/blocking.html#tth_sEc7.4:
{{{
We could track reputation between accounts (if you delegate to somebody
who screws up, it impacts you too), or we could use blinded delegation
tokens [5] to prevent the website from mapping the seeds' social network.
We put off deeper discussion of the social network reputation strategy for
future work.
}}}
There are some clear advantages to being able to link accounts. For
example, if accounts are *not* linked, a simple attack would be to use one
account to harvest tokens (invites) and use subsequently activated
accounts to enumerate bridges.
However, we might not want to the liability of storing the social graph,
in case the database were compromised. Perhaps we could consider an
approach where links between accounts degrade (are removed) over time, or
we only track a few links of the account chain.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7523>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list