On Tue, Oct 22, 2013, at 02:26 PM, Kelly John Rose wrote:
Crazy idea.
Put the server into the hands of a third party outside of the US. Have that 3rd party have total and absolute rights to the SSL root certificate and your party to not have any capacity to force said party to hand over the certificate. You use it, but you don't have any ability to actually get access to it directly.
Crazy idea, but I wonder if there would be some way to make this work where even if they tried to force you, you couldn't hand it over.
I think the question that should be asked is do we have a lawful right to privacy and anonymity anymore? The response by governments around the world lately seems to suggest that we don't. Skirting around this issue (i.e. moving VPN hosting from jurisdiction to jurisdiction) just ends in an arms race with governments worldwide. Unless the solution is a perfect system that guarantees privacy and anonymity, even from the carriers, then I can only see the progressive way forward is through political change. Alfie -- Alfie John alfiej@fastmail.fm