[tor-relays] Node Operators Web Of Trust

Kevin de Bie kevindebie at gmail.com
Fri Nov 7 21:11:27 UTC 2014 

How does one establish trust online though? Trust is a very delicate thing.
A system such as this simply inherently has these challenges. Pretty sure
that is why the tor browser for example always uses https.

Op 21:26 vr 7 nov. 2014 schreef grarpamp <grarpamp at gmail.com>:

> Is it not time to establish a node operator web of trust?
> Look at all the nodes out there with or without 'contact' info,
> do you really know who runs them? Have you talked with
> them? What are their motivations? Are they your friends?
> Do you know where they work, such as you see them every day
> stocking grocery store, or in some building with a badge on it?
> Does their story jive? Are they active in the community/spaces
> we are? Etc. This is huge potential problem.
> NOWoT participation is optional, it is of course infiltratable,
> and what it proves may be arguable, but it seems a necessary
> thing to try as a test of that and to develop a good model.
> Many operators know each other in person. And the node
> density per geographic region supports getting out to meet
> operators even if only for the sole purpose of attesting 'I met
> this blob of flesh who proved ownership of node[s] x'.
> That's a big start, even against the sybil agents they'd surely
> send out to meet you.
> Many know exactly who the other is in the active community
> such that they can attest at that level. And so on down the
> line of different classes of trust that may be developed
> and asserted over each claimed operator.
> Assuming a NOWoT that actually says something can
> be established, is traffic then routable by the user over nodes
> via trust metrics in addition to the usual metrics and randomness?
> WoT's are an ancient subject... now what are the possibilities and
> issues when asserting them over physical nodes, not just over
> virtual nodes such as an email address found in your pubkey?
> And what about identities that exist only anonymously yet
> can prove control over various unique resources?
> If such WoT's cannot be proven to have non-value, then it seems
> worth doing.
>
> This doesn't just apply to Tor, but to any node based system.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20141107/9bbc09a7/attachment.html>

More information about the tor-relays mailing list