Thus spake Raynardine (raynardine@xxxxxxxxxxx): > On 1/30/2013 6:08 PM, Andrew Lewman wrote: > > PIR-Tor is another idea, not quite DHT, not quite the current model, > > http://www.usenix.org/events/sec11/tech/full_papers/Mittal.pdf > > Hmm. I don't think a DHT is strictly-speaking what I'd recommend, but if > a bunch of men with guns arrested the administrators of the directory > authorities and demanding their private keys, I doubt that those > administrators could really limit the scope of damage. Can you explain why multipath consensus verification would not address the issues you're concerned about? > After reading about PIR-Tor, I am not amused and not pleased. We're also not fully convinced that either TorSK or PIR-TOR solutions are perfect (or even across-the-board improvements). That's why we haven't deployed them. In addition to having their own debatably risky security properties, each approach will introduce their own new engineering problems, especially on the load balancing, metrics, and performance end. > I'm sure you guys would not care if I left, and you probably wouldn't > care if those I know also left Tor, but if you guys do not take this > matter seriously, Tor will become irrelevant. Signed consensus documents that everyone can globally verify are the best way we know of to "take this matter seriously". -- Mike Perry
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk