[Cryptography] Introducing strangers. Was: Thoughts about keys
Eugen Leitl
eugen at leitl.org
Fri Sep 13 02:24:14 EDT 2013

On Wed, Sep 11, 2013 at 07:32:04PM +0200, Guido Witmond wrote:
> > With a FOAF routing scheme with just 3 degrees of separation there
> > are not that many strangers left.
>
> How do you meet people outside your circle of friends?

You don't. The message is routed through the social network, until
it reaches your destination.

> How do you stay anonymous? With FOAF, you have a single identity for it

By running onion routers like Tor on top of that routed network.
With FOAF I don't mean a specific system, but a generic small-world
social network, where each member is reachable in a small number
of hops.

> to work. I offer people many different identities. But all of them are
> protected, and all communication encrypted.
>
> That's what my protocol addresses. To introduce new people to one
> another, securely. You might not know the person but you are sure that
> your private message is encrypted and can only be read by that person.
>
> Of course, as it's a stranger, you don't trust them with your secrets.
>
> For example, to let people from this mailing list send encrypted mail to
> each other, without worrying about the keys. The protocol has already
> taken care of that. No fingerprint checking. No web of trust validation.
>
>
> > If you add opportunistic encryption at a low transport layer, plus
> > additional layers on top, you've protected the bulk of traffic.
>
> I don't just want to encrypt the bulk, I want to encrypt everything, all

With multilayer transport protection, you'll get multiple layers
of encryption for your typical connection.

> the time. It makes Tor traffic much more hidden.
>
>
> There is more
>
> The local CA (one for each website) signs both the server and client
> certificates. The client only identifies itself to the server after it
> has recognized the server certificate. This blocks phishing attempts to
> web sites (only a small TOFU risk remains). And that can be mitigated
> with a proper dose of Certificate Transparency.
>
> Kind regards, Guido Witmond,
>
>
> Please see the site for more details:
> http://eccentric-authentication.org/
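
The client-side rule quoted above (identify yourself only after recognizing the server certificate, with a residual TOFU risk) can be modelled as follows. This is an added example, not part of either post and not code from the eccentric-authentication project. The class and function names, the site names and the stand-in CA byte strings are assumptions, and it assumes the TLS layer has already validated the server's chain up to the issuing CA.

```python
import hashlib

def fingerprint(ca_cert_der: bytes) -> str:
    """SHA-256 fingerprint of a CA certificate's DER encoding."""
    return hashlib.sha256(ca_cert_der).hexdigest()

class ClientIdentityStore:
    """Hypothetical per-site client state: the pinned local CA and the
    client certificate (identity) that this CA signed for us."""

    def __init__(self):
        self._sites = {}  # site name -> {"ca": fingerprint, "identity": label}

    def enroll(self, site, identity):
        """Record the client certificate obtained from an already pinned site."""
        self._sites[site]["identity"] = identity

    def decide(self, site, issuer_ca_der):
        """Return (action, identity) for a server certificate whose chain the
        TLS layer has already validated up to issuer_ca_der."""
        fp = fingerprint(issuer_ca_der)
        entry = self._sites.get(site)
        if entry is None:
            # First contact: trust on first use. There is nothing to present
            # yet, so a lookalike site learns no existing identity.
            self._sites[site] = {"ca": fp, "identity": None}
            return ("pin-on-first-use", None)
        if entry["ca"] != fp:
            # Known site name, unknown CA: stay silent and abort.
            return ("refuse", None)
        return ("present-identity", entry["identity"])

# Constructed sample data: byte strings standing in for DER-encoded CA certs.
SITE_CA = b"constructed: local CA of forum.example"
ROGUE_CA = b"constructed: CA run by an impostor"

def demo():
    store = ClientIdentityStore()
    results = [store.decide("forum.example", SITE_CA)]       # first visit
    store.enroll("forum.example", "alias-1@forum.example")
    results.append(store.decide("forum.example", SITE_CA))   # return visit
    results.append(store.decide("forum.example", ROGUE_CA))  # same name, other CA
    results.append(store.decide("f0rum.example", ROGUE_CA))  # lookalike name
    return results

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The first visit is the only point where an impostor's CA could be pinned, which is the TOFU window the quoted text proposes to narrow with Certificate Transparency.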