Message-ID: <542D7EB7.9030308@riseup.net>
Date: Thu, 02 Oct 2014 10:35:03 -0600
From: Mirimir <mirimir@riseup.net>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Wikimedia and Tor

On 10/02/2014 08:07 AM, Derric Atzrott wrote:
>>> I liked the GPG idea, and brought it back to Wikitech-l. I'll let
>>> you guys know if anyone there finds a way to completely break it.
> 
>> There's another possibility that's probably easier to implement and
>> test, but isn't so broadly useful as a hard-to-generate GnuPG key. In
>> creating a hidden service, the Tor client generates an RSA private_key
>> and uses the first 80 bytes of the key's SHA1 hash as the hostname.
>> Vanity hostnames being popular, there are published methods.[0]
> 
> I'm not entirely sure what you are suggesting?  Are you suggesting
> we leverage specify some portion of a SHA1 hash and require that
> the Tor clients trying to edit Wikipedia create a hidden service key
> that ends up matching that?

I'm suggesting that you require new accounts to generate a functional
GnuPG key (with normal key length etc) with a fingerprint (hash) that
begins with a random string supplied by Wikimedia. Although there are
shortcuts for creating keys with arbitrary fingerprints, they produce
keys with atypical key lengths etc. In order to produce a "normal" key
with the specified fingerprint substring, it would be necessary to
randomly generate numerous keys and select for the desired fingerprint.
Having accomplished that, the new user could edit the metadata to match
their account name and email address.

It just so happens, given the popularity of vanity Tor hidden-service
names, that there are apps that generate and select private keys in that
way. It's merely an example of the approach, which demonstrates its
feasibility. I suspect that creating a version for GnuPG keys would
require trivial modifications.

I'll ask about this on gnupg-users and report.

> Or are you suggesting that we do something involving requiring editors
> using Tor to create a hidden service with a certain hostname (are those
> hostnames called descriptors, I think they are, but I'm not 100% sure)?

No, I'm not suggesting anything about hidden services per se.

> Or something else entirely.
> 
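
The server side of the fingerprint-prefix scheme proposed in this message, as an added sketch that is not from the thread or from GnuPG: it computes the OpenPGP v4 fingerprint of an RSA public key as RFC 4880 defines it and checks a submitted key against a server-issued prefix. The prefix length, the 2048-bit / 65537 policy, the time window, the sample modulus and all function names are assumptions.

```python
import hashlib
import secrets

def mpi(n: int) -> bytes:
    """OpenPGP multiprecision integer: 2-octet bit count, then big-endian bytes."""
    nbytes = (n.bit_length() + 7) // 8
    return n.bit_length().to_bytes(2, "big") + n.to_bytes(nbytes, "big")

def v4_rsa_fingerprint(n: int, e: int, created: int) -> str:
    """RFC 4880 sec. 12.2: SHA-1 over 0x99, 2-octet length, public-key packet body."""
    body = b"\x04" + created.to_bytes(4, "big") + b"\x01" + mpi(n) + mpi(e)
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).hexdigest().upper()

def new_challenge(hex_digits: int = 5) -> str:
    """Random fingerprint prefix handed to the person registering (length is an assumption)."""
    return secrets.token_hex((hex_digits + 1) // 2)[:hex_digits].upper()

def expected_keys(challenge: str) -> int:
    """Average number of candidate keys to generate before one matches: 16^len."""
    return 16 ** len(challenge)

def check_submission(n, e, created, challenge, issued_at, window=86400, bits=2048):
    """Return (ok, reason). The policy values are assumptions for this sketch."""
    # "Normal" key parameters only, so unusual-parameter shortcuts are refused.
    if n.bit_length() != bits or e != 65537:
        return False, "atypical key parameters"
    # The creation time is part of the hashed packet body, so pin it to the
    # period in which the challenge was valid.
    if not issued_at <= created <= issued_at + window:
        return False, "creation time outside challenge window"
    if not v4_rsa_fingerprint(n, e, created).startswith(challenge.upper()):
        return False, "fingerprint does not match challenge"
    # Not checked here: that the submitter holds the private key (for example
    # a signature over the challenge made with it).
    return True, "ok"

# Constructed 2048-bit odd integer standing in for a modulus; not a real key.
_filler = int.from_bytes(hashlib.sha512(b"constructed sample").digest() * 4, "big")
SAMPLE_N = (1 << 2047) | (_filler >> 1) | 1
```
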

