Message-ID: <56CCE201.7070706@witmond.nl>
Date: Tue, 23 Feb 2016 23:49:37 +0100
From: Guido Witmond <guido@witmond.nl>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Tor for everyone;
	introducing Eccentric Authentication

Hi Allen,

Good questions.


On 02/23/16 22:26, Allen wrote:
> I don't understand.  If a message is associated with an identity, then it
> is not anonymous, it is at best pseudo-anonymous.  Which are you proposing,
> truly anonymous messages that have no identity associated with them, or
> pseudo-anonymous messages that have a pseudo-anonymous identity associated
> with them?

Each message is associated with an identity. There may be multiple
messages bearing that same identity. That makes it a pseudonym.

But the protocol suggests (strongly) to create a new private key for
each site. That makes my 'facebook' posts independent from my 'twitter'
stream.

As there is no need to provide more than a nickname and a public key (no
email address) at signup, there is no way for both to collude and link
my identities. I could even employ multiple 'facebook' or 'twitter'
identities, separating work and private accounts, etc.

If I want to respond anonymously to a message, I could create a new
identity just for that purpose and destroy the private key afterwards.

In those respects it's more anonymous.

I expect a combination of both. Some identities I treasure and I want to
build a reputation on them, other identities are throwaways at a web
shop, or to troll at a forum.

Axiom: The more one uses an identity, the less anonymous it gets.


> Second, it is easy to prevent spoofing of pseudo-anonymous identities using
> digital signing.  The identity is represented by a public signing key, and
> if a message is signed using the corresponding private key, it must have
> been sent by a person who knows the private key.  What else is required
> beyond that?

You are correct that every key represents an identity. The computer has
no problem keeping them apart. But humans do. The amount of entropy in
each key is too large for humans to handle.

That's why I let people choose a nickname at signup time. I'd choose a
nickname of guido@tor-talk (if available) to build my reputation here.
I'd choose a more random anon-15245325486@facebook to respond to
someone's timeline.

Secondly, with the requirement that nickname@sitename.tld be unique,
I could write that nickname on a business card and hand it out. People
could verify at a verification service that there is only one
certificate (and public key) for that name and be sure to have gotten
*my* public key. From that point, they can send encrypted messages to me.

If that sitename.tld is my own domain (and as such my own CA), I can be
sure that no one else has the ability to sign certificates to
impersonate me. Hence I can exchange a certificate by just writing a
nickname@sitename on a business card. How much more human friendly can you get?


With regards,

Guido Witmond.
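
Added example, not part of the original message and not Eccentric Authentication's own code: a sketch of the check a verification service could run over a log of issued certificates, refusing any nickname@sitename that has more than one public key and flagging keys reused under several names. The log format, the .example site names, the function names and the rule that two different keys under one name is a conflict are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict

def fingerprint(public_key: bytes) -> str:
    """Short, human-comparable digest of a public key."""
    return hashlib.sha256(public_key).hexdigest()[:16]

# Constructed certificate log: (nickname, site, public key bytes).
# Key bytes are placeholders, not real key material.
LOG = [
    ("guido", "tor-talk.example", b"constructed-key-A"),
    ("anon-15245325486", "facebook.example", b"constructed-key-B"),
    ("guido", "tor-talk.example", b"constructed-key-A"),  # same key seen twice
    ("alice", "shop.example", b"constructed-key-C"),
    ("alice", "shop.example", b"constructed-key-D"),  # second key, same name
]

def keys_by_name(log):
    """Map nickname@site to the set of key fingerprints issued under it."""
    index = defaultdict(set)
    for nickname, site, public_key in log:
        index[f"{nickname}@{site}"].add(fingerprint(public_key))
    return index

def verify(name, log):
    """Return the one fingerprint for name; refuse if missing or ambiguous."""
    found = keys_by_name(log).get(name, set())
    if not found:
        raise LookupError(f"no certificate logged for {name}")
    if len(found) > 1:
        raise ValueError(f"{name} has {len(found)} different keys: do not trust")
    return next(iter(found))

def conflicting_names(log):
    """Names that violate uniqueness (more than one key)."""
    return sorted(n for n, fps in keys_by_name(log).items() if len(fps) > 1)

def reused_keys(log):
    """Keys that appear under more than one name, which links those identities."""
    names = defaultdict(set)
    for nickname, site, public_key in log:
        names[fingerprint(public_key)].add(f"{nickname}@{site}")
    return {fp: sorted(ns) for fp, ns in names.items() if len(ns) > 1}

if __name__ == "__main__":
    print(verify("guido@tor-talk.example", LOG))
    print(conflicting_names(LOG))
    print(reused_keys(LOG))
```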

