Delivery-Date: Sat, 11 Jun 2016 03:19:26 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [138.201.14.202])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 89EBA1E004D;
	Sat, 11 Jun 2016 03:19:24 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 15D43E07B0;
	Sat, 11 Jun 2016 07:19:10 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3E4DDE029C
 for <tor-talk@lists.torproject.org>; Sat, 11 Jun 2016 07:19:03 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id LoqoNc-I3nBI for <tor-talk@lists.torproject.org>;
 Sat, 11 Jun 2016 07:19:03 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 6073BE0E8C
 for <tor-talk@lists.torproject.org>; Sat, 11 Jun 2016 07:19:02 +0000 (UTC)
Received: from piha.riseup.net (unknown [10.0.1.163])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 3F3351A26E9
 for <tor-talk@lists.torproject.org>; Sat, 11 Jun 2016 07:18:59 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1465629539; bh=Hgevs5jok4vo5SYhM+sGSLMf57SUUufCh8tXp0mHpY0=;
 h=In-Reply-To:References:Subject:From:Date:To:From;
 b=IIawFkAXswYA2oGT2ktgJCtln93bjK/EYNB28+k3M8xeG/+uKj9Q5kqOqgB/F2P5K
 kqPfLbLpNUgKeFExP3zw6zZspCmxXJliTNIE18mZPQb+eQq/pcGr/ii/4KIPASYTRN
 wSm+453sfKQORkEqp2ZqkQDmWQh94FhD/iPDbGaY=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: flipchan) with ESMTPSA id 589751C004A
In-Reply-To: <CAKws9z2UxNK0z9aKRSEoZLjYLj+mqCkgVOk9YN8Wa4Dgpk5gQg@mail.gmail.com>
References: <CAKws9z2UxNK0z9aKRSEoZLjYLj+mqCkgVOk9YN8Wa4Dgpk5gQg@mail.gmail.com>
MIME-Version: 1.0
From: Flipchan <flipchan@riseup.net>
Date: Sat, 11 Jun 2016 09:18:52 +0200
To: tor-talk@lists.torproject.org
Message-ID: <EEE289A9-DB5C-4D7D-BDE3-5B65EF728AED@riseup.net>
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] Tor-Friendly Two-Factor Authentication?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Let me awnser this for u:) use pgp , if c alot of ppl that use Googles stuff but all gets send back to Google so i wouldnt want them to get my data, github.com/flipchan/blogger i created 2factor so if the usr got a pgp fingerprint it will be redirected to 2factor.html after login ,then u generate a code(string of chars) and encrypt it with X users fingerprint and give it 2min to decrypt ,thats pgp :) 

Scott Arciszewski <scott@paragonie.com> skrev: (11 juni 2016 03:58:16 CEST)
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA256
>
>Hi,
>
>I'm developing a CMS platform called Airship and I'd like to make it
>as Tor-friendly as possible.
>
>Someone from the community suggested Two-Factor Authentication, but as
>far as I'm aware there aren't many good options:
>
>* SMS-based authentication requires a phone number, which is
>identifying information
>* Google Authenticator requires a Google Account, which now-a-days
>requires surrendering your phone number to Google
>* FIDO U2F requires users to purchase separate hardware devices which,
>while cheap, aren't already in the arsenal of most netizens
>
>I was curious if anyone in/around Tor was aware of any
>privacy-preserving 2FA initiatives.
>
>Thanks a lot,
>
>Scott Arciszewski
>Chief Development Officer
>Paragon Initiative Enterprises
>-----BEGIN PGP SIGNATURE-----
>Version: Mailvelope v1.4.0
>Comment: https://www.mailvelope.com
>
>wsBcBAEBCAAQBQJXW3AsCRBrl6HCgmQE2gAA06YIAIx89seJ/M1Z+8V6+4sP
>VRMCOcH2tPBbBl7KW17RRDuO2aoDsWNiaLNgY7ssHcm2xBte0T04uNTxfYxu
>8/pzzgUrU6L7WHcUnGdUfqHtdBr6DY6xSrSavu6VwEATm0f5qDl3AouHyd9X
>9aZs1nNX0/QQc/hMOE+hfkGl0rUDKKiwXCxLqXTxdxHiNqixQjb2GpfbiUen
>ph4BLFAIFsUZ/STGRJOY31SVB/Lk9MOG2VOPlhXa27R+8IV7rcq41sQtEdUL
>AdDOOCazmNISpUz1/I6/0wW16fGqrHk3jbtWMklzl4LI5aFg1w3CmV/MLEZE
>i2HHPGvMiO3osSmyNBM2lL0=
>=a2E8
>-----END PGP SIGNATURE-----
>-- 
>tor-talk mailing list - tor-talk@lists.torproject.org
>To unsubscribe or change other settings go to
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
Sincerly Flipchan
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

