carlo von lynX: > So you are advocating for integrating GNUnet or Tor into the > distribution of web browsers?
I do think that this is one approach. And solutions like Tails are another one. >> There are several good reasons why the (vast) majority of users does >> not want to install software in addition to a web browser to be able >> to communicate with others. Alternatives or design requirements >> which do not take that into account will not lead to a different >> situation. > > That is outside the scope of this working group. Dissemination is mentioned as a topic for the 30C3 assembly. And (at least) in that context it seems to be in scope. > People who are not going to have a Tor or GNUnet node on their > computers can't be helped. That statement is like "Windows users can't be helped". They can never have an absolutely secure system without migrating to another operating system. But that does not imply that improving their security is impossible as long as they do not make that step. It really depends on the threats one intends to protect against. > So let's consider the possibility that the W3C requires all browser > vendors to upgrade to a "Tor Browser" with built-in end-to-end > messaging separated from the regular web rendering engines. To avoid misunderstandings. I do not speek for the W3C, but it can not and will not "require" that. It does not even require web browsers to use HTML. It is not involved in specifying such protocols. It also is not specifying http or requiring that browsers use http. Such specifications are a matter for the IETF. And you might be aware that some interesting work is taking place within the IETF recently. > Let's also presume that the privacy community doesn't fall prey to > that trojan horse called WebRTC which comes equipped with MITM > capabilities and missed the chance to at least mandate pinning. Such decisions are not immutable. > How many minutes would it take until all major vendors are compelled > to provide backdoors? How many >90% of humanity are using web browsers > from insecure sources? > > Don't you see that the architecture of the web is completely hopeless? I do not get what you want to tell me. Cheers, Andreas
