[tor-bugs] #12193 [Ponies]: Set up a Mozilla Persona testing server

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Oct 9 03:57:15 UTC 2014 

#12193: Set up a Mozilla Persona testing server
---------------------------+---------------------------------------------
     Reporter:  mikeperry  |      Owner:  isis
         Type:  project    |     Status:  assigned
     Priority:  major      |  Milestone:
    Component:  Ponies     |    Version:
   Resolution:             |   Keywords:  SponsorP, TorBrowserTeam201410D
Actual Points:             |  Parent ID:
       Points:             |
---------------------------+---------------------------------------------

Comment (by isis):

 Preliminary thoughts from the process of setting it the Persona/BrowserID
 primary Identity Provider (IDP) server:

 '''1. It's going to be hard enough just to run our own
 `persona.torproject.org` safely.'''

     Persona/BrowserID are now unmaintained. (Although,
 [http://identity.mozilla.com/post/78873831485/transitioning-persona-to-
 community-ownership not "decommissioned"], which apparently means they
 intend to make critical security patches, if necessary.)

     Both depend upon a (seemingly unmaintained) fork of `node.js` from a
 sketchy Ubuntu PPA.

 '''2. It's going to be difficult to put new primitives into this thing.'''

     Blind signatures are ''probably'' doable. As of right now, it appears
 as if it will only require a fork of [https://github.com/mozilla
 /browserid-crypto jwcrypto] with some patches. Anything fancier than that,
 however, and it's likely going to get hairy rather fast.

 '''3. Persona/BrowserID were not designed to be anonymous.'''

     There's all kinds of certification issuance timing correlations,
 identity certificate use correlations, etc. that we'll need to be worried
 about. Especially if we expect third parties to be able to do anything
 like "report a troll/abusive user" to us. Some of these I'm already aware
 of, but I may not find all of them.

     My point being: we're using something for an unintended purpose, and
 we are going to need to be ''very'' careful about that.

 '''4. I'm concerned about the lack of adoption by, and lack of support
 for, the third parties who will want to hand their Tor-using users to
 us.'''

     Namely, if we were to go to the trouble of fixing all of the above
 things, that someone like Wikimedia is just going to be confused: ''"What
 do you expect me to do with these weird unblinded sigs your users are
 handing me?"''

     Third parties, whom we expect to hand off their abuse mitigation to
 us, they are going to want to copy+paste some code and ItJustWorks™. Think
 of how one integrates Stripe, Paypal, etc. into a webpage. They are
 ''not'' going to want to say, ''"Okay, let me pay a developer to spend a
 month figuring out how this poorly documented, unmaintained Persona thing
 works, and have them write some code to integrate it into our site for
 you."''

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12193#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list