Delivery-Date: Sun, 23 Nov 2014 20:57:26 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 43B6C1E0A37;
	Sun, 23 Nov 2014 20:57:25 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 141263207C;
	Mon, 24 Nov 2014 01:57:22 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 0B3CD3174A
 for <tor-talk@lists.torproject.org>; Mon, 24 Nov 2014 01:57:19 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id a-dhMtAEHsL1 for <tor-talk@lists.torproject.org>;
 Mon, 24 Nov 2014 01:57:18 +0000 (UTC)
Received: from mail-ig0-x232.google.com (mail-ig0-x232.google.com
 [IPv6:2607:f8b0:4001:c05::232])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id C670730EE3
 for <tor-talk@lists.torproject.org>; Mon, 24 Nov 2014 01:57:18 +0000 (UTC)
Received: by mail-ig0-f178.google.com with SMTP id hl2so2437281igb.5
 for <tor-talk@lists.torproject.org>; Sun, 23 Nov 2014 17:57:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=t0BW4zF4JGd1DapXumb3uGU7zm1IXGs3ZyrvfnojVOA=;
 b=MTh9DgLvwvkALxr5MepfEBy/62c4dMxjz8UYu7FQCtSXDph5fMv6Es58Vb2KhP6Ulo
 vGMd8obD7GFEYZeggAI3JYy0iFLJabiRbt3cO15TaqXEANYl6rJMQ8oO5uY3Zt655gZ0
 Gie+6/iyxfCJi+x0j3dnpOuGLQRbW3xzob5wH6kpgQZTMUar52IA5QFVTX/3uLbfgrD4
 dT4UP+uYDRojWQ3xvvPpXWEBikJVJrzsctYWsXavRrtEv/mHD75A/aknWHeSlk+3tsb2
 JPnqwllVWqsLJucHHKBsezNCLn6TteFWlnhV+orp3dzSe7TQR/xrFDwqhBda6gmDbSwt
 0YMg==
MIME-Version: 1.0
X-Received: by 10.107.138.5 with SMTP id m5mr14450560iod.85.1416794236358;
 Sun, 23 Nov 2014 17:57:16 -0800 (PST)
Received: by 10.107.18.65 with HTTP; Sun, 23 Nov 2014 17:57:16 -0800 (PST)
In-Reply-To: <008cbe7468ef38777d2e2addf83b21b2.squirrel@bitmailendavkbec.onion>
References: <008cbe7468ef38777d2e2addf83b21b2.squirrel@bitmailendavkbec.onion>
Date: Mon, 24 Nov 2014 01:57:16 +0000
Message-ID: <CAAS2fgSJ7fqJeGYDBX0qc7XtoeNOt6j-KCdjuN63GxYt-Pc94Q@mail.gmail.com>
From: Gregory Maxwell <gmaxwell@gmail.com>
To: "This mailing list is for all discussion about theory, design,
 and development of Onion Routing." <tor-talk@lists.torproject.org>
Subject: Re: [tor-talk] Propsal for decentralization of the Tor network
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Mon, Nov 24, 2014 at 1:07 AM,
<BM-2cUqBqHFVDHuY34ZcpL3PNgkpLUEEer8ev@bitmessage.ch> wrote:
> I have carefully checked trac and torproject.org website for proposals,
> seen many interesting ones but not a single one to decentralize the Tor
> network from the direcotry authorities. There are many ways to accomplish
> this apparently, and it's the only way to guarantee full independence and
> anonymity.
>
> Are there even plans to make this change? Or the current system which
> offers full control for few people seams good enough to you?

It's far from clear to me that substantially stronger decentralization
is practically possible for this application; at least not without
additional assumptions and exposure to new and concerning attack
vectors.

I think a better short term goal would be improving review and
auditability... which I think can be done.  E.g. better tools for
providing convincing evidence that the directory authorities are not
misbehaving, and additional protections against misbehaving, better
automatic handling should authorities misbehave. (E.g. making it so
that authority signing is moved into a HSM which at least enforces the
constraint that only a single signature will be given for a particular
time period, or the like;  making proof of a misbehaving authority
forever ban that authority, beyond a threshold misbehaving should shut
down the network until manually overridden, etc.).
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

