[or-cvs] r8880: a few more discovery pieces, so i have something to send nar (tor/trunk/doc/design-paper)

Tue Oct 31 04:30:26 UTC 2006

Author: arma
Date: 2006-10-30 23:30:26 -0500 (Mon, 30 Oct 2006)
New Revision: 8880

Modified:
   tor/trunk/doc/design-paper/blocking.tex
Log:
a few more discovery pieces, so i have something to send nart


Modified: tor/trunk/doc/design-paper/blocking.tex
===================================================================

--- tor/trunk/doc/design-paper/blocking.tex	2006-10-31 03:14:41 UTC (rev 8879)
+++ tor/trunk/doc/design-paper/blocking.tex	2006-10-31 04:30:26 UTC (rev 8880)
@@ -4,11 +4,11 @@
 \usepackage{amsmath}
 \usepackage{epsfig}
 
-%\setlength{\textwidth}{5.9in}
-%\setlength{\textheight}{8.4in}
-%\setlength{\topmargin}{.5cm}
-%\setlength{\oddsidemargin}{1cm}
-%\setlength{\evensidemargin}{1cm}
+\setlength{\textwidth}{5.9in}
+\setlength{\textheight}{8.4in}
+\setlength{\topmargin}{.5cm}
+\setlength{\oddsidemargin}{1cm}
+\setlength{\evensidemargin}{1cm}
 
 \newenvironment{tightlist}{\begin{list}{$\bullet$}{
   \setlength{\itemsep}{0mm}
@@ -20,7 +20,7 @@
 
 \begin{document}
 
-\title{Design of a blocking-resistant anonymity system}
+\title{Design of a blocking-resistant anonymity system\\DRAFT}
 
 %\author{Roger Dingledine\inst{1} \and Nick Mathewson\inst{1}}
 \author{Roger Dingledine \and Nick Mathewson}
@@ -763,17 +763,29 @@
 
 \subsection{Social networks with directory-side support}
 
-In the above designs, 
+Pick some seeds --- trusted people in the blocked area --- and give
+them each a few hundred bridge addresses. Run a website next to the
+bridge authority, where they can log in (they only need persistent
+pseudonyms). Give them tokens slowly over time. They can use these
+tokens to delegate trust to other people they know. The tokens can
+be exchanged for new accounts on the website.
 
-- social network scheme, with accounts and stuff.
+Accounts in ``good standing'' accrue new bridge addresses and new
+tokens.
 
+This is great, except how do we decide that an account is in good
+standing? One answer is to measure based on whether the bridge addresses
+we give it end up blocked. But how do we decide if they get blocked?
+Other questions below too.
 
+\subsection{Public bridges, allocated in different ways}
 
-- public proxies. given out like circumventors. or all sorts of other rate limiting ways.
+public proxies. given out like circumventors. or all sorts of other rate
+limiting ways.
 
 
+\subsection{Remaining unsorted notes}
 
-
 In the first subsection we describe how to find a first bridge.
 
 Thus they can reach the BDA. From here we either assume a social
@@ -836,24 +848,22 @@
 actually need to reach the watering hole directly: it can respond to
 email, for example. Secondly, 
 
-% In fact, the JAP
-%project~\cite{web-mix,koepsell:wpes2004} suggested an alternative approach
-%to a mailing list: new users email a central address and get an automated
-%response listing a proxy for them.
-% While the exact details of the
-%proposal are still to be worked out, the idea of giving out
+In fact, the JAP
+project~\cite{web-mix,koepsell:wpes2004} suggested an alternative approach
+to a mailing list: new users email a central address and get an automated
+response listing a proxy for them.
+While the exact details of the
+proposal are still to be worked out, the idea of giving out
 
 
 
 \subsection{Discovery based on social networks}
 
-A token that can be exchanged at the BDA (assuming you
-can reach it) for a new IP:dirport or server descriptor.
+A token that can be exchanged at the bridge authority (assuming you
+can reach it) for a new bridge address.
 
-The account server
+The account server runs as a Tor controller for the bridge authority.
 
-runs as a Tor controller for the bridge authority
-
 Users can establish reputations, perhaps based on social network
 connectivity, perhaps based on not getting their bridge relays blocked,
 
@@ -971,6 +981,22 @@
 \section{Security considerations}
 \label{sec:security}
 
+\subsection{Possession of Tor in oppressed areas}
+
+Many people speculate that installing and using a Tor client in areas with
+particularly extreme firewalls is a high risk --- and the risk increases
+as the firewall gets more restrictive. This is probably true, but there's
+a counter pressure as well: as the firewall gets more restrictive, more
+ordinary people use Tor for more mainstream activities, such as learning
+about Wall Street prices or looking at pictures of women's ankles. So
+if the restrictive firewall pushes up the number of Tor users, then the
+``typical'' Tor user becomes more mainstream.
+
+Hard to say which of these pressures will ultimately win out.
+
+...
+% Nick can rewrite/elaborate on this section?
+
 \subsection{Observers can tell who is publishing and who is reading}
 \label{subsec:upload-padding}
 

