Chad Z. Hower aka Kudzu wrote:
Nice thougt, but on second thought impracticable for various reasons: as you pointed out, it sacrifices security, which IMO is not up for discussion. Also, it would become much harder for new tor nodes to be added to the network (I, for example, do not know any other tor operators personally) and therefore would also sacrifice potential capacities and performance. Plus, we don't really gain any security, since an "attacker" would only have to gain the trust of one established operator with one legitimate node to add the imaginary thousands of illegitimate others to his trust list and therefore to the web of trust.A manually administered . . . centralized list? Because, call me crazy, but a centralized list of "authorized routers" has some very, very obvious flaws in it, both technical and security-related.Maybe a trust model? Ie like Facebook.. I trust my friends.. they trust their friends... Removes some anon a bit ... but if you have 3 levels as I believe TOR does should provide some reasonable level of anonymity and maybe what is sacrificed could be recompensated by other means.
Just my thoughts... Andrew