Hi Allen, Good questions. On 02/23/16 22:26, Allen wrote: > I don't understand. If a message is associated with an identity, then it > is not anonymous, it is at best pseudo-anonymous. Which are you proposing, > truly anonymous messages that have no identity associated with them, or > pseudo-anonymous messages that have a pseudo-anonymous identity associated > with them? Each message is associated with an identity. There may be multiple messages bearing that same identity. That makes is a pseudonym. But the protocol suggests (strongly) to create a new private key for each site. That makes my 'facebook' posts independent from my 'twitter' stream. As there is no need to provide more than a nickname and a public key (no email address) at signup, there is no way for both to collude and link my identities. I could even employ multiple 'facebook' or 'twitter' identities, separating work and private accounts, etc. If I want to respond anonymously to a message, I could create a new identity just for that purpose and destroy the private key afterwards. In those respects it's more anonymous. I expect a combination of both. Some identities I treasure and I want to build a reputation on them, other identities are throwaways at a web shop, or to troll at a forum. Axiom: The more one uses an identity, the less anonymous it gets. > Second, it is easy to prevent spoofing of pseudo-anonymous identities using > digital signing. The identity is represented by a public signing key, and > if a message is signed using the corresponding private key, it must have > been sent by a person who knows the private key. What else is required > beyond that? You are correct that every key represents an identity. The computer has no problem keeping them apart. But humans do. The amount of entropy in each key is too large for humans to handle. That's why I let people chose a nickname at signup time. I'd chose a nickname of guido@tor-talk (if available) to build my reputation here. I'd chose a more random anon-15245325486@facebook to respond to someone's timeline. Secondly, with the requirement that nickname@xxxxxxxxxxxx to be unique, I could write that nickname on a business card and hand it out. People could verify at a verification service that there is only one certificate (and public key) for that name and be sure to have gotten *my* public key. From that point, they can send encrypted messages to me. If that sitename.tld is my own domain (and as such my own CA), I can be sure that no one else has the ability to sign certificates to impersonate me. Hence I can exchange a certificate by just writing a nickname@sitename on a business card. How more human friendly can you get? With regards, Guido Witmond.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk