[147096] in cryptography@c2.net mail archive


Re: [Cryptography] Introducing strangers. Was: Thoughts about keys

daemon@ATHENA.MIT.EDU (Eugen Leitl)
Fri Sep 13 12:38:29 2013

X-Original-To: cryptography@metzdowd.com
Date: Fri, 13 Sep 2013 08:24:14 +0200
From: Eugen Leitl <eugen@leitl.org>
To: cryptography@metzdowd.com
In-Reply-To: <5230A914.5070201@witmond.nl>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com


On Wed, Sep 11, 2013 at 07:32:04PM +0200, Guido Witmond wrote:

> > With a FOAF routing scheme with just 3 degrees of separation there
> > are not that many strangers left.
>
> How do you meet people outside your circle of friends?

You don't. The message is routed through the social network, until
it reaches your destination.

> How do you stay anonymous? With FOAF, you have a single identity for it

By running onion routers like Tor on top of that routed network.
With FOAF I don't mean a specific system, but a generic small-world
social network, where each member is reachable in a small number
of hops.

> to work. I offer people many different identities. But all of them are
> protected, and all communication encrypted.
>
> That's what my protocol addresses. To introduce new people to one
> another, securely. You might not know the person but you are sure that
> your private message is encrypted and can only be read by that person.
>
> Of course, as it's a stranger, you don't trust them with your secrets.
>
> For example, to let people from this mailing list send encrypted mail to
> each other, without worrying about the keys. The protocol has already
> taken care of that. No fingerprint checking. No web of trust validation.
>
>
> > If you add opportunistic encryption at a low transport layer, plus
> > additional layers on top of you've protected the bulk of traffic.
>
> I don't just want to encrypt the bulk, I want to encrypt everything, all

With multilayer transport protection, you'll get multiple layers
of encryption for your typical connection.

> the time. It makes Tor traffic much more hidden.
>
>
> There is more
>
> The local CA (one for each website) signs both the server and client
> certificates. The client only identifies itself to the server after it
> has recognized the server certificate. This blocks phishing attempts to
> web sites (only a small TOFU risk remains). And that can be mitigated
> with a proper dose of Certificate Transparency.
>
> Kind regards, Guido Witmond,
>
>
> Please see the site for more details:
> 	http://eccentric-authentication.org/
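
Added example (not part of either poster's message): a hop-limited friend-of-a-friend route search over a constructed small-world graph, showing which members remain strangers at 3 degrees of separation. The graph shape, member numbers and function names are assumptions for illustration; it models only the routing through the social network, not the onion layer or any encryption.

```python
from collections import deque

def small_world(n, k, shortcuts):
    """Constructed graph: ring of n members, k friends on each side, plus long-range links."""
    adj = {i: set() for i in range(n)}
    links = [(i, (i + d) % n) for i in range(n) for d in range(1, k + 1)]
    for a, b in links + list(shortcuts):
        adj[a].add(b)
        adj[b].add(a)
    return adj

def introductions(adj, src, max_hops=3):
    """Hop-limited BFS: map each reachable member to the friend who leads to them."""
    parent = {src: None}
    queue = deque([(src, 0)])
    while queue:
        node, hops = queue.popleft()
        if hops == max_hops:
            continue  # relay budget spent; do not forward further
        for friend in sorted(adj[node]):
            if friend not in parent:
                parent[friend] = node
                queue.append((friend, hops + 1))
    return parent

def foaf_route(adj, src, dst, max_hops=3):
    """Shortest friend-to-friend relay path, or None if dst is still a stranger."""
    parent = introductions(adj, src, max_hops)
    if dst not in parent:
        return None
    path, node = [], dst
    while node is not None:
        path.append(node)
        node = parent[node]
    return path[::-1]

def strangers(adj, src, max_hops=3):
    """Members that cannot be reached within max_hops introductions."""
    known = introductions(adj, src, max_hops)
    return sorted(m for m in adj if m not in known)

# Constructed sample: 30 members, 2 friends per side, one long-range friendship 0-15.
NETWORK = small_world(30, 2, [(0, 15)])

if __name__ == "__main__":
    print("route 0 -> 19:", foaf_route(NETWORK, 0, 19))
    print("strangers to 0 at 3 hops:", strangers(NETWORK, 0))
    print("without the shortcut:", len(strangers(small_world(30, 2, []), 0)))
```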

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography