On 29 Sep 2005 09:57:54 -0400, Tyler Durden wrote:
One way to build a psuedo-pseudonymous mechanism to hang off of Tor that would be easy for the Wikipedians to deal with would be to have a server that lets you connect to it using Tor, log in using some authentication protocol or other, then have it generate different outgoing addresses based on your ID. So user #37 gets to initiate connections from 10.0.0.37, user #258 gets to initiate connections from 10.0.1.2, etc.
Isn't the IPv4 address space potentially too small in the intermediate run for this approach? Sounds like you'd need IPv6...
-TD
Walking away from TOR and Wikipedia implementations... Already, IPs have reputations associated with them and serve as pseudonyms. Blacklists are one example of this reputation being used or abused. In some distant future, with the switch to IPv6, there exists the potential for so many entities to have IPs that IPs will function as identities on a much broader scale. This will facilitate a great deal of reputation and trust being established on the basis of IPs with other measures, similar to the early days of the net but with a less open mentality. And, off on a tangent... (Since this was still in my shorter term memory after the NYC BSD Con a few weeks ago...) The general point of DKIM (http://mipassoc.org/dkim/index.html) is to have a sender domain mail server sign messages, and then a receiver domain mail server can query the public key for the sender domain and verify the signature. DKIM suggested that public keys be stored in DNS records for domains. While this storage could be per domain, it could also be per sub-domain, per end entities of a domain, etc. Given the driver to combat spam, you never know, something like this could happen in the next few years. Issues of the capabilities of the current DNS and DNS security infrastructure aside, we then have a universal public key distribution mechanism. So, IPs can be tied to domains, domains can be tied to public keys, sub-domains, or end entities, sub-domains can be tied to public keys or end entities, end entities can be tied to public keys, and so on and so forth. Reputations can be built, and there are lots of ways of establishing trust for keys as needed, be it simple PKI, web of trust, etc. It all seems more fluid than anything we have now. A lot could then happen for end users transparently, much like when they swipe a credit card. DKIM is just one example of that. -Andrew