Re: [freehaven-dev] Revocation

[Roger Dingledine <arma@mit.edu>]

On Tue, May 16, 2000 at 02:06:04AM -0400, dmolnar wrote:
> Are we going to mention revocation by allowing revocation requests signed
> by the same key used to sign the other shares? That doesn't have the same
> "adversary can grab H(x) and put in his own shares" problem that this
> proposal does.

"the same key"? you mean the key that was used to sign the shares?

that means the author needs to keep the share-signing key around, rather
than throwing it away as soon as he builds the shares.

that's bad.
 
> On the other hand, the H(x) proposal allows me to delegate the ability to
> unpublish to someone I've never met -- I just grab their publically known
> H(x) value. This allows a dissident to delegate the ability to unpublish
> to Amnesty International...but also allows a state to mandate everyone
> delegate the ability to unpublish to the Ministry of Truth. 

good points.
 
> The question is -- do we want to go into all of the above in revocation?
 
well, yes. i think we need to mention it and describe what we've concluded.

thanks,
--roger