On Mon, Nov 24, 2014 at 1:07 AM, <[email protected]> wrote: > I have carefully checked trac and torproject.org website for proposals, > seen many interesting ones but not a single one to decentralize the Tor > network from the direcotry authorities. There are many ways to accomplish > this apparently, and it's the only way to guarantee full independence and > anonymity. > > Are there even plans to make this change? Or the current system which > offers full control for few people seams good enough to you?
It's far from clear to me that substantially stronger decentralization is practically possible for this application; at least not without additional assumptions and exposure to new and concerning attack vectors. I think a better short term goal would be improving review and auditability... which I think can be done. E.g. better tools for providing convincing evidence that the directory authorities are not misbehaving, and additional protections against misbehaving, better automatic handling should authorities misbehave. (E.g. making it so that authority signing is moved into a HSM which at least enforces the constraint that only a single signature will be given for a particular time period, or the like; making proof of a misbehaving authority forever ban that authority, beyond a threshold misbehaving should shut down the network until manually overridden, etc.). -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
