Re: German data rentention law

[Lexi Pimenidis <lexi@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>]

On Sat, Oct 18, 2008 at 08:36:00PM CEST, Sven Anderson wrote:

Hej,

> In general I don't like to create the impression that the logging in  
> Tor nodes is so essential for the reliability of Tor. If the trust in  
> Tor would be based on the assumption, that the Tor nodes are not  
> compromised and not logging, the whole concept would be flawed, and I  
> would never support it.

I strongly agree on this one: Tor's strength is to provide security even in
the face of compromised hosts. Any solution which tries to distinct hosts in
"logging territory" and "non-logging territory" is inherently flawed (it
simply doesn't scale: sooner or later there will be no more nodes with
GUARD-flags). After all, onion routing was invented to deal with untrustworthy
nodes. All we would have to do is to extend the security "calculations" by
admitting that a node is not only influenced by its operator, but also a
country's government. (so, e.g. if all people within the same country would
also just put their nodes into the "family"-field, this would be a first
(ugly) fix. but this also doesn't scale, as it's only a theoretical concept)

Also, it should be brought into mind that this problem will not only be a
German one, but rather a European. Hence, IMHO, solutions like picking nodes
in a circuit based on country/jurisdiction would be a better approach[1].

Best Regards,

	Lexi

[1] Shameless plug: the OnionCoffee client has been able to 
		allow users to say that every nodein a circuit needs to be in a 
    different country.
-- 
Cizp.-Iguaky. Pbqi Ziybgicif, Pbtkdbkbist uobk IN-Fistbktbin
Kwoy: TS 8325, Tabpcbkpigfnk. 3, Fibrbg, Nbp: +49-271-740-2408
| Twdb gog, wst! Ztipafaztib, Vokifnbkbi ogc Ybcilig,
| Ogc pbicbk wost Ntbaparib!  Cokstwof fnocibkn, yin tbiffby Dbyobtg.
| Cw fnbt ist gog, ist wkybk Nak!  Ogc dig fa mpor wpf eib lojak;