[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Convergence.io + Tor



Hey, it's been a while so I'm sorry if this has already been
discussed. Hadn't seen it in the archives

I wanted to bring up the subject of Convergence.io as it fits in with
Tor. Details here: http://convergence.io/

The short version of it is that it's a replacement to the current CA
system. Instead of relying on a single entity for validation, it
applies a web-of-trust style validation process. For example, you
would install a bunch of trusted notaries into your browser so that
when you visit an SSL enabled site, the certificate is validated
between all of them so that you hopefully come to a consensus (or at
least a majority) about the authenticity of that cert. There's a lot
more to it but you can read about it yourself.

My thought is that if implemented correctly (which it's currently
not), this could get more people to enable SSL on their sites with
their own self signed certificate thereby making Tor browsing more
secure. Secondly, hosting notaries as hidden services may be a good
way to implement this on the Tor network.

Also it seems like Moxie is attempting to implement some of the same
infrastructure paradigms that Tor has already so I wonder if anything
can be applied that Tor already has learned.

Moxie's talking about Convergence: http://www.youtube.com/watch?v=Z7Wl2FW2TcA



@
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk