On Mon, 6 Dec 2010, grarpamp wrote:
And what if the oponnent runs a hidden service trap?... seems that then just watching or running the client's entry guard [1] is all that is needed to confirm both connection and content? Yipes?!!! I'm no expert. This sounds like a very hard and real problem. Thanks! [1] One single lucky node, not two, the trap serves as the exit watchpoint as well.
I'm too obtuse to understand, just with your footnote alone, what a "hidden service trap" is - would you provide a further explanation, or a link to one ?
Maybe there would also be benefit in a web of trust amongst nodes not unlike a keysigning party. As with social networking, people vouch for each other in various ways and strengths based on how they feel that person meets them. I don't see any reason why node operators [descriptors] could not keysign and have that web encoded into the descriptors, directories, DHT, etc.
I proposed early in the previous thread that not only should a web of trust be considered, but that this was indeed a classic case of a web of trust ... I didn't see any comment on this from the Big Names on the list, though...
*********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/