Delivery-Date: Thu, 24 Jul 2014 17:27:27 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 5C8F31E0A85
	for <archiver@seul.org>; Thu, 24 Jul 2014 17:27:23 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id D62E12EF4A;
	Thu, 24 Jul 2014 21:27:21 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 06E752E8DE
 for <tor-talk@lists.torproject.org>; Thu, 24 Jul 2014 21:16:49 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id KShmDPuFY5nP for <tor-talk@lists.torproject.org>;
 Thu, 24 Jul 2014 21:16:48 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net", Issuer "Gandi Standard SSL CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id D48B72E74C
 for <tor-talk@lists.torproject.org>; Thu, 24 Jul 2014 21:16:48 +0000 (UTC)
Received: from fulvetta.riseup.net (fulvetta-pn.riseup.net [10.0.1.75])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net", Issuer "Gandi Standard SSL CA" (not verified))
 by mx1.riseup.net (Postfix) with ESMTPS id BAD4755B29
 for <tor-talk@lists.torproject.org>; Thu, 24 Jul 2014 14:16:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=riseup.net; s=squak;
 t=1406236604; bh=HBRJT3RwBl3PT1LoPdMfiUe9tIjXbj5MrU1q1VInBIc=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=RH9lrcDNhnOEH9VilQM6H3WCV5/pjd3PjXiAIRDmYACrMNnlnMck6nzYXP7+0SKVi
 4BcywyFsiynuW7b5Y6tWEi8xAmDfUPb8LtGOeEwBJxT0PAyZGV8nnEiorAlgoft6aF
 yJEm0aANfUpJqMAC/UvUndkYLDRgNPGUc39iOZdY=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: mirimir@fulvetta.riseup.net)
 with ESMTPSA id 7ACE01D6
Message-ID: <53D177B8.4010306@riseup.net>
Date: Thu, 24 Jul 2014 15:16:40 -0600
From: Mirimir <mirimir@riseup.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <53D16B7A.6000100@cpunk.us> <20140724203626.GS7408@moria.seul.org>
In-Reply-To: <20140724203626.GS7408@moria.seul.org>
X-Enigmail-Version: 1.6
X-Virus-Scanned: clamav-milter 0.98.1 at mx1
X-Virus-Status: Clean
Subject: Re: [tor-talk] Why does requesting for bridges by email require a
 Yahoo or Gmail address?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 07/24/2014 02:36 PM, Roger Dingledine wrote:
> On Thu, Jul 24, 2014 at 03:24:26PM -0500, Cypher wrote:
>> In light of the last year of disclosures by Edward Snowden, why is Tor
>> requiring that I establish an account with an email provider that is
>> completely out of my control and has a general history of complying with
>> law enforcement data requests? Why those two providers specically?
> 
> Because we need an adequately popular provider that makes it hard to
> generate lots of addresses. Otherwise an attacker could make millions
> of addresses and "be" millions of different people asking for bridges.
> 
> https://svn.torproject.org/svn/projects/design-paper/blocking.html#tth_sEc7.4

That totally makes sense.

> (Also, it recently became clear that it would be useful for people to
> access this provider via https, rather than http, so a network adversary
> can't just sniff the bridge addresses off the Internet when the user
> reads her mail. And it would also be nice to not use providers that turn
> their entire email databases over to the adversary, even unwittingly.
> Lots of adversaries and lots of goals to manage at once here.)
> 
> --Roger

Right, and with HTTPS, users' ISPs (and their friends) can't even see
that bridges are being provided. Does the bridge database talk directly
with Google and Yahoo mail servers, to prevent possible XKeyScore snooping?
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

