On 07/25/2014 06:38 PM, isis wrote:
> isis transcribed 4.9K bytes:
>> Mirimir transcribed 1.5K bytes:
>>> On 07/24/2014 02:36 PM, Roger Dingledine wrote:
>>>> On Thu, Jul 24, 2014 at 03:24:26PM -0500, Cypher wrote:
>>>>> In light of the last year of disclosures by Edward Snowden, why is Tor
>>>>> requiring that I establish an account with an email provider that is
>>>>> completely out of my control and has a general history of complying with
>>>>> law enforcement data requests? Why those two providers specifically?
>>>>
>>>> Because we need an adequately popular provider that makes it hard to
>>>> generate lots of addresses. Otherwise an attacker could make millions
>>>> of addresses and "be" millions of different people asking for bridges.
>>>>
>>>> https://svn.torproject.org/svn/projects/design-paper/blocking.html#tth_sEc7.4
>>>
>>> That totally makes sense.
>>>
>>>> (Also, it recently became clear that it would be useful for people to
>>>> access this provider via https, rather than http, so a network adversary
>>>> can't just sniff the bridge addresses off the Internet when the user
>>>> reads her mail. And it would also be nice to not use providers that turn
>>>> their entire email databases over to the adversary, even unwittingly.
>>>> Lots of adversaries and lots of goals to manage at once here.)
>>>>
>>>> --Roger
>>>
>>> Right, and with HTTPS, users' ISPs (and their friends) can't even see
>>> that bridges are being provided. Does the bridge database talk directly
>>> with Google and Yahoo mail servers, to prevent possible XKeyScore snooping?
>>
>> In addition to requiring that an email provider enforce some base difficulty
>> level for obtaining new accounts, BridgeDB requires that a provider must
>> have:
>>
>>   1) TLS enabled for both their SMTP and webmail/IMAP/POP interfaces. Using
>>      TLS when sending and receiving to/from the provider from BridgeDB is
>>      required. [0]
>>   2) Verifiable DKIM signatures on the user's outgoing emails.
>>
>> I've long been in favour of removing Yahoo from the accepted providers. [1]
>> However, we've decided not to do that for the sake of people who have already
>> followed BridgeDB's instructions and obtained Yahoo email addresses, and
>> we've opted for a different solution instead. [2]
>>
>> I'm also strongly in favour of adding Riseup! to the list of acceptable
>> providers, as I believe that their account security, commitment to their
>> users, unwillingness to hand over logs, and difficulty of account creation to
>> be orders of magnitude better than any other email provider out there. I'm
>> currently working with the Riseup! birds to get (2) enabled so that we can do
>> this. [3]
>>
>> [0]: https://trac.torproject.org/projects/tor/ticket/10989
>> [1]: https://trac.torproject.org/projects/tor/ticket/11140
>> [2]: https://trac.torproject.org/projects/tor/ticket/11330
>> [3]: https://trac.torproject.org/projects/tor/ticket/11139
>
>
> And... obviously, five minutes after I sent that email, I realised that
> Riseup!'s DKIM signature now checks out fine, meaning that you all should now
> be able to email BridgeDB from a riseup.net email address to receive
> bridges. [0]

That's very cool!

> Thank the Riseup! birds for fixing this (and for being all around a great
> bunch of people with everything they do). <3

Yes, I love them too :)

> [0]: https://trac.torproject.org/projects/tor/ticket/11139#comment:15
>
>

--
tor-talk mailing list - [email protected]
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
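
Added example, not part of the thread and not BridgeDB's own code: one way a mail front end could apply the two points discussed above (an allow-list of providers plus a verifiable DKIM signature) before answering a request. The gmail.com and yahoo.com domain names, the mx.example.org authserv-id and all function names are assumptions, and the sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed provider domains (the thread names Google, Yahoo and riseup.net).
ALLOWED_DOMAINS = {"gmail.com", "yahoo.com", "riseup.net"}
# Hypothetical authserv-id of our own MTA, the only DKIM verifier we trust.
# That MTA must strip inbound headers that already carry this id (RFC 8601).
TRUSTED_AUTHSERV_ID = "mx.example.org"

def dkim_pass_domains(msg):
    """Signing domains (d=) that our own MTA reported as dkim=pass."""
    domains = set()
    for value in msg.get_all("Authentication-Results", []):
        authserv_id, _, results = value.partition(";")
        if authserv_id.strip().lower() != TRUSTED_AUTHSERV_ID:
            continue  # written by someone else, possibly the sender
        for result in results.split(";"):
            if re.search(r"\bdkim\s*=\s*pass\b", result, re.I):
                m = re.search(r"\bheader\.d\s*=\s*([\w.-]+)", result, re.I)
                if m:
                    domains.add(m.group(1).lower())
    return domains

def accept_request(raw):
    """Return (accepted, reason) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    froms = msg.get_all("From", [])
    if len(froms) != 1:
        return False, "need exactly one From header"
    domain = parseaddr(froms[0])[1].rpartition("@")[2].lower()
    if domain not in ALLOWED_DOMAINS:
        return False, "provider not allowed"
    # The signature must come from the same domain the sender claims,
    # otherwise a pass for some other domain says nothing about From.
    if domain not in dkim_pass_domains(msg):
        return False, "no aligned DKIM pass"
    return True, "ok"

def _sample(sender, auth_results):  # builds constructed sample messages
    return (f"From: {sender}\nAuthentication-Results: {auth_results}\n"
            "Subject: request\n\nrequest body\n")

GOOD = _sample("alice@riseup.net", "mx.example.org; dkim=pass header.d=riseup.net")
FORGED = _sample("bob@gmail.com", "mx.evil.example; dkim=pass header.d=gmail.com")
UNALIGNED = _sample("bob@gmail.com", "mx.example.org; dkim=pass header.d=evil.example")
OTHER = _sample("carol@mail.example", "mx.example.org; dkim=pass header.d=mail.example")
```

Without the alignment and authserv-id checks, a forged From line alone would be enough to look like a new user at an accepted provider, which is the address-multiplication problem Roger describes.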
