[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

nym-0.2 released

To: or-talk@xxxxxxxx
Subject: nym-0.2 released
From: Jason Holt <jason@xxxxxxxxxxxx>
Date: Sat, 1 Oct 2005 02:18:43 +0000 (UTC)
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Fri, 30 Sep 2005 22:18:56 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx


nym-0.2 is now available at:

http://www.lunkwill.org/src/nym/

My tor server is currently down, so I can't set up a public trial of this, but perhaps someone else will. This release makes the following improvements:

* Tokens are now issued one-per-IP to clients via a "token" CGI script. Tokens are still blindly issued, so nobody (including the token issuer) can associate tokens with IP addresses. The list of already-served IPs could be periodically removed, allowing users to obtain new pseudonyms on a regular basis. (Abusers will then need to be re-blocked assuming they re-misbehave).

* A token can be used to obtain a signature on a client certificate from a separate "CA" CGI script (potentially on a different machine). Tokens can only be "spent" to obtain one cert. Code to make a CA, client certs and have the certs signed is included.

* The CA public key can be installed on a third web server (or proxy) to require that users have a valid client certificate. Servers can maintain a blacklist of misbehaving client certs. Misbehavers will then be unable to access the server until they obtain a new token and client cert (via a new IP).

My proposal for using this to enable tor users to play at Wikipedia is as follows:

1. Install a token server on a public IP. The token server can optionally be provided Wikipedia's blocked-IP list and refuse to issue tokens to offending IPs. Tor users use their real IP to obtain a blinded token.

2. Install a CA as a hidden service. Tor users use their unblinded tokens to obtain a client certificate, which they install in their browser.

3. Install a wikipedia-gateway SSL web proxy (optionally also a hidden service) which checks client certs and communicates a client identifier to MediaWiki, which MediaWiki will use in place of the REMOTE_ADDR (client IP address) for connections from the proxy. When a user misbehaves, Wikipedia admins block the client identifier just as they would have blocked an offending IP address.

-J

Prev by Author: Re: Pseudonymity for tor: nym-0.1 (fwd)
Next by Author: Greetings/Question - Was: RE: Have some consideration for users...
Previous by thread: Re: tor traffic ratelimiting
Index(es):
- Author
- Thread