[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Different degree of identification -> trustworthiness of Tor Relay operators

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Different degree of identification -> trustworthiness of Tor Relay operators
From: "Fabio Pietrosanti (naif) - lists" <lists@xxxxxxxxxxxxxxx>
Date: Thu, 28 Jan 2016 10:34:51 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 28 Jan 2016 04:35:56 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.5.1

Hello,

i've been considering that in the Tor network, end-users deserve the
"anonymity by design", but that's not a requirement for Tor Relay operators.

So, assuming that any Tor Relay that does bad-things is anonymous
(providing un-traceable or difficult-to-be-traced identifiable
information), why don't we increase a bit the complexity and costs to
stay anonymously unidentified as Tor Relay operators?

Actually a Tor relay do have a Contact information, with untrustuctured
data in it where i can type "Hello, i'm mikey mouse, write me to
cybercommand@xxxxxxx".

Now, we know that inside the Tor networks the Tor relays may have
different roles and different responsibilities.

I would like to propose the topic of introducing a certain degree of
verification, in order to obtain certain responsibilities:
- Email validation (Email based check)
- Phone number validation (SMS based check)

Based on those elements, enable for example to become Guard Nodes, or
HSDir or Tor DA Mirror, making sybil attacks *much harder* because it's
much harder to do Email and SMS validation with many different identities.

The Tor Consensus may have those information publicly available,
facilitating contacts and coordination also in case of abuse-detection
by the many way abuses get identified.

This would facilitate both Tor Project activities in detecting and
handling Tor Relays abusers and third party that would like to provide
reporting to the Tor Relay operator, rather than going to his ISPs
(causing him to get a takedown notice).

I know that this trigger a lot of criticism because it's a topic of
"identifying", but it's not about "Identifying Tor Relay Operators" but
"Identifying Tor Relay Operators Reliable Contact Information" that
would provider a lot of benefit for Tor Network and for Tor Relay
operators themselves.


-- 
Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org -
https://ahmia.fi
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Different degree of identification -> trustworthiness of Tor Relay operators
  - From: grarpamp
- Re: [tor-talk] Different degree of identification -> trustworthiness of Tor Relay operators
  - From: Moritz Bartl

Prev by Author: Re: [tor-talk] A multi-layer proof of work system to solve the Tor/CloudFlare problem?
Next by Author: [tor-talk] Exit Traffic classification and discrimination
Previous by thread: Re: [tor-talk] Tor relay and IPv6
Next by thread: Re: [tor-talk] Different degree of identification -> trustworthiness of Tor Relay operators
Index(es):
- Author
- Thread