Hello directly from Jimbo at Wikipedia

Jonathan D. Proulx jon at csail.mit.edu
Tue Sep 27 18:50:43 UTC 2005


I've not been following the latest round of this conversation as
closely as some, so salt comments as desired...

IT seems some are advocating TOR establishing a pseudonymous
authentication system such that it establishes some unknown entity is
the same unknown entity, and allowing web site (or other service)
operators query this system in some way to determine a karma score
that is also managed by tor, possibly based on length of use or some
such?

This seems bad for everyone and I'm puzzled who it would benefit.

Service operator such as Wikipedia would need to code for this system
and have soem kind of PKI or othe third party auth system hooked into
tor to verify claimed pseudonyms and also quary their karma from TOR.
Not to mention trusting TOR to provide a useful karma counter.

It would be simpler to just implement user accounts, even if they're
only required from users coming from "dirty" IP's like TOR (or AOL
proxies, or public library computers where users aren't tracked, or
what ever).  This uses know, simple, today technology and allows the
site operators to judge karma and exact punishment (account removal).
So that's my armchair site admin solution to a problem I don't
understand in operational depth :)

For the TOR/Anonymity side (i'm not a privacy expert), it seems like a
nightmare.  There's the added complexit in the code always bad in
security sensitive things.  Being able to definitively sa "the unknown
person is the same unknown person that has done the following
things..." seems like it would drasticly reduce one's anonymity set,
and that's assuming that a secure pseudonym system is implemented that
doesn't leak more directly.

Clearly something needs to be done.  I for one don't think TOR can do
it. If someone has time to really sit down with sites that are having
issue with TOR and code solutions that really fit their needs (instead
of just pointing out thier current "flaws" and saying "not my
problem") that would make TOR mor useful (as fewer sites would block
it) and generally be a Good Thing.  

Short of that if we as an email community can be more welcoming and
supportive of people who are having genuine problem because of the
relatively new anonymity TOR provides, perhaps they would be more
willing to put their energies into a compatable authentication sytem
that into defending their current operational model (when attacked
people tend to defend).

Back to lurking...
-jon




More information about the tor-talk mailing list