[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Node Operators Web Of Trust

To: "tor-relays@xxxxxxxxxxxxxxxxxxxx" <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] Node Operators Web Of Trust
From: Vladimir Ivanov <ivlad@xxxxxxxxxx>
Date: Tue, 11 Nov 2014 12:33:32 +0300
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 11 Nov 2014 04:44:14 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.com; s=mail; t=1415698412; bh=kO/WH8nDXSXLX0t+HyNseQdCU5g3UZYlbz7mFMwrIqg=; h=From:To:In-Reply-To:References:Subject:Date; b=jcEzwua5OUK3AC/Nhv4J1zavRhq3jEmC85nbU0pVVv4uy9AKwUPFTv8TRjbIS/Kat Z2wQ7EtLd3rH7K9aBsUoE6wbiWP4c7PbeN80L7qsMKryddK60hJDdwebTLYy9YJv2b oj8tvNXyxsaD9ujyB+wqZlqRMiagVkIVRXQ6yEg0=
Envelope-from: ivlad@xxxxxxxxx
In-reply-to: <CAM8M=ki3y0xgOEdsTJPU_Y7DPVRQ37uZ5rPrE1W4i_TjByNNaQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <CAD2Ti2__JyLd2CYfWOitEOkPfOFDOiGb7_xqtUCgo+cKrJRVKw@xxxxxxxxxxxxxx> <CAM8M=ki3y0xgOEdsTJPU_Y7DPVRQ37uZ5rPrE1W4i_TjByNNaQ@xxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Technically, you can try doing the oder way around: sign you PGP key with a private key of your tor node. Thus, you can prove, that you own the node.

10.11.2014, 13:58, "Gareth Llewellyn" <gareth@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>:

On Fri, Nov 7, 2014 at 8:26 PM, grarpamp <grarpamp@xxxxxxxxx> wrote:
Is it not time to establish a node operator web of trust?
Look at all the nodes out there with or without 'contact' info,
do you really know who runs them? Have you talked with
them? What are their motivations? Are they your friends?
Do you know where they work, such as you see them every day
stocking grocery store, or in some building with a badge on it?
Does their story jive? Are they active in the community/spaces
we are? Etc. This is huge potential problem.

I had an idea for this a little while ago; https://tortbv.link/ using the published GPG signature in the contact info to sign the node fingerprint, if you trust the GPG key then you can _possibly_ trust that the node is run by the named operator.

Never got round to actually doing anything with it though...
,
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Vladimir Ivanov

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Node Operators Web Of Trust
  - From: grarpamp
- Re: [tor-relays] Node Operators Web Of Trust
  - From: Gareth Llewellyn

Prev by Author: Re: [tor-relays] doc/HARDENING Draft
Next by Author: Re: [tor-relays] Call for obfs4 bridges, and a brief discussion of obfs4proxy.
Previous by thread: Re: [tor-relays] Node Operators Web Of Trust
Next by thread: Re: [tor-relays] Node Operators Web Of Trust
Index(es):
- Author
- Thread