[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Servers Should Use a Secure Mix Algorithm



Peter Hendrickson wrote:

>Colin Tuckley writes:
>  
>
>>While I have to agree with you on this in theory, I feel it's rather
>>premature in practice for the following reasons:
>>
>>1) Mixminion *is* still in alpha, there is a lot of testing going on
>>and having the timed algorithm made that easier/quicker.
>>    
>>
>
>Using the timed algorithm, however, gives a falsely positive picture
>of how the system performs.  Applications using Mixminion should be
>developed and tested using the real thing.  If the system is not
>usable with a real mix algorithm, then we need to solve that problem.
>  
>
Agreed.  Always test against the production model.  The mixminion
package itself is pretty stable.  It's time to make the mixnet behave
like a mixnet.

>>If Nick thinks it's time for real algorithms then it's also time for
>>the software to be Beta. (Comments Nick?)
>>    
>>
>
>It is actually quite reasonable to use a real mix algorithm during the
>Alpha or even development phases.  There's simply no other way to get
>a feel for how the real system will perform.
>  
>
Yes and yes.  I've been burned by unrealistic testing before.

>My judgment was and is that it's time to move forward.  We might as
>well try the system out with a real mix.  Mixminion is beautifully
>designed, but we've never really tried it out.
>  
>
Production-quality anonymizing networks are going to be a hot commodity
soon.  Let's be ahead of the curve. 

>In any event, Wiredyne is sticking with a real mix.
>  
>
As is Tweep.  If something breaks, we fix it.

-- 
Roy M. Silvernail is roy@xxxxxxxxxxxxxxxx, and you're not
"It's just this little chromium switch, here." - TFT
CRM114->procmail->/dev/null->bliss
http://www.rant-central.com

Attachment: signature.asc
Description: OpenPGP digital signature