Delivery-Date: Tue, 23 Feb 2016 16:14:26 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 91AF81E032D;
	Tue, 23 Feb 2016 16:14:24 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id F3591396DB;
	Tue, 23 Feb 2016 21:14:18 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 85F50396C8
 for <tor-talk@lists.torproject.org>; Tue, 23 Feb 2016 21:14:13 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id lwSgkRyeOFLh for <tor-talk@lists.torproject.org>;
 Tue, 23 Feb 2016 21:14:13 +0000 (UTC)
Received: from mail.witmond.nl (unknown
 [IPv6:2001:980:71b2:1:6887:4dff:feed:7c36])
 by eugeni.torproject.org (Postfix) with ESMTP id 29C4B3969C
 for <tor-talk@lists.torproject.org>; Tue, 23 Feb 2016 21:14:13 +0000 (UTC)
X-Greylist: delayed 9150 seconds by postgrey-1.34 at eugeni;
 Tue, 23 Feb 2016 21:14:13 UTC
Received: from [IPv6:2001:980:71b2:1::6] (unknown [IPv6:2001:980:71b2:1::6])
 by mail.witmond.nl (Postfix) with ESMTPSA id 8AFB3C0684
 for <tor-talk@lists.torproject.org>; Tue, 23 Feb 2016 21:04:24 +0000 (UTC)
Message-ID: <56CCC954.6080102@witmond.nl>
Date: Tue, 23 Feb 2016 22:04:20 +0100
From: Guido Witmond <guido@witmond.nl>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Icedove/31.8.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <56CB7795.7040501@witmond.nl> <56CC3191.1000402@beroal.in.ua>
 <56CCA590.5020506@witmond.nl> <56CCAA26.8070609@beroal.in.ua>
In-Reply-To: <56CCAA26.8070609@beroal.in.ua>
Subject: Re: [tor-talk] Tor for everyone;
	introducing Eccentric Authentication
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============6944599938781280317=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6944599938781280317==
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="HL9TO8KSXG2XnUGKCjiCKcTD0lVXHxara"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--HL9TO8KSXG2XnUGKCjiCKcTD0lVXHxara
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

On 02/23/16 19:51, me@beroal.in.ua wrote:
> On 23.02.16 20:31, Guido Witmond wrote:
>> The answer is to let strangers - who never met before - exchange
>> public keys in a verifiable way.
> This very statement makes no sense to me. Verifying strangers?

Indeed, verifying strangers doesn't make sense.

But the moment that two strangers wish to communicate, things get
interesting.

When people meet in person, they immediately know whom the are talking
to: to person in front of them. Even if they don't know each others'
names. Most people would recognize the other when they meet again. We
use face, voice, posture, way of expression, hairstyle, clothing,
eyewear, etc to recognize each other.

This is very nice property to have in digital communication: *Being able
to recognize someone with whom you have communicated before.*

It would be easy create such a system if privacy was no concern: sign
every message using your government provided digital identity card.
Tyrannical governments love this.

The challenge is to have that recognition property *while remaining
anonymous.*

So, I envision that people who have never met online don't need to know
of one other.

But as they meet at a website, a mailing list, a dating site, a web
shop, a blog, a forum etc, they want to be able to recognize each other
and be able to send private messages that no one else, including the
site/forum operators can read.

Being private is something we take for granted in real life. We usually
know when other people can hear our conversations and when not. With
digital communications we need to encrypt the communications to protect
it against eavesdropping. That's the third property: *Protect against
eavesdropping.*

There is one more: In real life, it's very hard for someone to
impersonate someone who you have met before. Most people would treat the
impersonator as a different person from the one they remember.

That leads to a fourth property: *Identities must be hard to spoof.*

This combinations of properties is the goal:
- being able to recognise others;
- while remaining anonymous;
- be able to send private messages;
- and being able to detect MitM's.

And with Tor in the mix, we can prevent most meta data of whom is
communicating to whom, when and how long.

And that's what I want to achieve.

With regards, Guido Witmond.


--HL9TO8KSXG2XnUGKCjiCKcTD0lVXHxara
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJWzMlUAAoJEHPd8GglaNRmIE8P+gIX3oPxUqr1pDQYoo49b638
8YCzykRsZnciJIvsiQrxZFp0EtfnLsiX0es0SIHVWNwFqdB65ypD3K+gGW7uzx9b
QTXbTIHR1Z0qMluebc0GtlBdELw/afuNEmhGa0ifOxw14v+BX+KNJVg5BX0SPdjS
YHBjPIrWC0KEiYbr2LjcdGOVX8oOksVKTPrfwwUzmWw5cd8sVMLL9gr6U64LPL8U
8/rffRKWfXHx/UnSxnUfD72Sj5OvY+xXnL4HTWew0dbO6pSkbwkuO4vln+aIygx1
zUPoZoyG0mBdKc9UtXRMtJ4D8Kf/23cPKL+ZZ7nfOLuhHNEf5BO43ajoIm306ATn
W5lu4IxKra5oCBBjy6B2XIWUF6/SWnaLvJJfi/3uWlKoxb25iwLDSBCHBfCYN1xE
U9FWvM1Fe+acekG5VsFBmniBI8cApHS7+wWnkAT50qms6DmuKGYiGmYH2fx3PhGp
a9PvV2N4yg5VCc2KuDYxa3csCa9u+uFd7nrLdVeGvUkC0/qGdv6yL7CgfuHiDTlp
rkF4lzwKGaxQw513q6LBy7BiKZnPVCZLEl83vCyYDdGnZ7Ar2L33fDBlTgbs+i0g
octurgWcxIRCZg5OI7vLPEeZ1bjwaReXQeFzXVhasC1CLnoSpXkxABIBzuknPo5+
pxRUZ+zR5V8JbyddzcK7
=cdxM
-----END PGP SIGNATURE-----

--HL9TO8KSXG2XnUGKCjiCKcTD0lVXHxara--

--===============6944599938781280317==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============6944599938781280317==--

