[tor-dev] Questions about "Tor Messenger CONIKS integration"

Subject: [tor-dev] Questions about "Tor Messenger CONIKS integration"

From: Go <simplesmtptest123@xxxxxxxxx>

Date: Tue, 19 Apr 2016 15:28:49 -0400

Delivery-date: Tue, 19 Apr 2016 15:29:02 -0400

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to; bh=RlUJ4XsgEDmbv9OW0jYfUIk7iQHghyaypt4I+b0MQ/c=; b=T820rpOgrXFziiRSHdtA/RwwTt5Zr5EKr3DBHD8OKREsPVFxO87cFHWeLR32JO+t3z DH28BaNqcXI7cdEepsIoFAr8O3ZQv9GHIc1297YN+kFwLHuOFGXkGcNt7uEh1fdV3aaV cRaeUQL4/Z1b3EheM0a9k6hCeASoVr51EdDM1OIg9N1OAbNp6HZFxbQbuFmnJoBl2oCK lISzfPP5/wzTzKhsLUAUoL2gHTX9SZU7IWTtwUezleVZHTFeDJTw6FaSB1misOQethDc 3TrtzSZ4qrBMh+PfRG+y3pLToNlnOJWYyt3kvRcm8OoKxSUsW9XrEJXCamo2apkMdtk2 CIag==

List-archive: <http://lists.torproject.org/pipermail/tor-dev/>

List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>

List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>

List-post: <mailto:tor-dev@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>

Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi,Â

CONIKS seems to be a very useful system. Just curious: do Tor messenger users need to hand out their real identities (facebook account, twitter account, etc.) to CONIKS servers? If so it seems dangerous to put all the identities in a centralized service.Â If the CONIKS servers have been compromised, will the attacker be able to figure out theÂsocial networking profiles of TorÂmessenger users?Â

Thanks!

_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev