[arma at mit.edu: Re: Wikipedia & Tor]

lists lists at kriptik.org
Sat Oct 1 15:47:27 PDT 2005


On 29 Sep 2005 09:57:54 -0400, Tyler Durden wrote:
>>
>> One way to build a psuedo-pseudonymous mechanism to hang off of Tor
>> that would be easy for the Wikipedians to deal with
>> would be to have a server that lets you connect to it using Tor,
>> log in using some authentication protocol or other,
>> then have it generate different outgoing addresses based on your ID.
>> So user #37 gets to initiate connections from 10.0.0.37,
>>   user #258 gets to initiate connections from 10.0.1.2, etc.
> 
> Isn't the IPv4 address space potentially too small in the intermediate 
> run for this approach? Sounds like you'd need IPv6...
> 
> -TD
> 

Walking away from TOR and Wikipedia implementations...

Already, IPs have reputations associated with them and serve as
pseudonyms. Blacklists are one example of this reputation being used or
abused. In some distant future, with the switch to IPv6, there exists
the potential for so many entities to have IPs that IPs will function as
identities on a much broader scale. This will facilitate a great deal
of reputation and trust being established on the basis of IPs with other
measures, similar to the early days of the net but with a less open
mentality.

And, off on a tangent...

(Since this was still in my shorter term memory after the NYC BSD Con a
few weeks ago...) The general point of DKIM
(http://mipassoc.org/dkim/index.html) is to have a sender domain mail
server sign messages, and then a receiver domain mail server can query
the public key for the sender domain and verify the signature. DKIM
suggested that public keys be stored in DNS records for domains. While
this storage could be per domain, it could also be per sub-domain, per
end entities of a domain, etc. Given the driver to combat spam, you
never know, something like this could happen in the next few years.

Issues of the capabilities of the current DNS and DNS security
infrastructure aside, we then have a universal public key distribution
mechanism. So, IPs can be tied to domains, domains can be tied to public
keys, sub-domains, or end entities, sub-domains can be tied to public
keys or end entities, end entities can be tied to public keys, and so on
and so forth. Reputations can be built, and there are lots of ways of
establishing trust for keys as needed, be it simple PKI, web of trust,
etc. It all seems more fluid than anything we have now.

A lot could then happen for end users transparently, much like when they
swipe a credit card. DKIM is just one example of that.

-Andrew





More information about the cypherpunks-legacy mailing list