[tor-relays] Node Operators Web Of Trust

014 014 at savemetechs.net
Fri Nov 7 22:30:39 UTC 2014 

 

On 2014-11-07 16:08, Kevin de Bie wrote: 

>> With that in mind, he does raise a valid point. Are there any plans to move
>> to a more decentralised model for the directory authorities? Are their any
>> plans to move the power to blacklist nodes out of the hands of the Tor Project
>> and into the hands of its users somehow.
> 
> This is pretty interesting point, but then i'm personally not really interested in having any control over the actual blacklist. I'd feel plenty comfortable with just insight into what is blacklisted, for what reason and if possible some evidence to support this reason. Giving control to "the people" isn't always a good thing either as even in TOR circles there'd be people that can't deal with having power on any level. Transparency is probably the word I was looking for to use. 
> I didn't fill in contact information on my fresh tor relay simply because the app I use doesn't allow me to. (my tor relay runs on an Ouya, therefore android) Regardless of the absence of contact information the reason I run the relay are in line with the reasons why TOR exists. 
> 
> 2014-11-07 22:35 GMT+01:00 Derric Atzrott <datzrott at alizeepathology.com>:
> 
>>> How does one establish trust online though? Trust is a very delicate thing. A
>>> system such as this simply inherently has these challenges. Pretty sure that
>>> is why the tor browser for example always uses https.
>> 
>> Indeed, both the centralised and decentralised systems that are currently in
>> place have major issues. Within centralised systems like the Certificate
>> Authority system we see corruption (have you seen their fees) and we must
>> trust them to actually verify identities and to remain secure, something
>> at least a few CAs have proven that they can't do. Then we also have to
>> trust our vendors to provide default lists of CAs to trust that are in
>> fact worth of our trust.
>> 
>> Within decentralised systems like PGP we have to worry about the network
>> effect, and making sure that people understand what they are actually doing,
>> again we worry about whether or not we can trust our friends, and whether or
>> not we can trust their friends.
>> 
>> Trust is probably one of the hardest problems facing folks using the Internet.
>> 
>> With that in mind, he does raise a valid point. Are there any plans to move
>> to a more decentralised model for the directory authorities? Are their any
>> plans to move the power to blacklist nodes out of the hands of the Tor Project
>> and into the hands of its users somehow.
>> 
>> I'm not exactly sure how either of those would be accomplished, but I'm sure
>> there is a clever solution somewhere.
>> 
>> Thank you,
>> Derric Atzrott
>> 
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays [1]
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays [1]

Trust can also be purchased indirectly. The operator you began trusting
could hand over the keys for a price. 

Links:
------
[1] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20141107/c59cd48e/attachment-0001.html>

More information about the tor-relays mailing list