Pedro Melo wrote: > Hi, > > On Aug 26, 2008, at 2:41 PM, Dirk Meyer wrote: > >> in case you do not read Slashdot or follow Usenix publications, here >> is an interessting link: >> http://www.cs.cmu.edu/~perspectives/perspectives_usenix08.pdf >> >> The question is: who is the Notary Server in our case. It can not be >> the XMPP server because the XMPP is one of the view points an attacker >> could be. > > I read it and my first though was: what is the advantage of a notary > to a web of trust?
IMHO it is more like the Byzantine Fault Tolerance. You do not have to trust the notary server, you just assume that maybe one or two may be lying, but not all of them. When I want to open a secure connection to you I could ask five notary servers around the globe (e.g. different XMPP server in a different domain). If four out of five report the same fingerprint for you I could trust it. If they also report that the fingerprint is the same for half a year now, I can be sure it is yours. Ok, it is not 100% correct, but an attacker must manipulate many different server to fake your key and an attacker can not know which notary servers I will ask. Dirk -- Work is the greatest thing in the world, so save some for tomorrow.
