[tor-relays] Node Operators Web Of Trust

obx obx at riseup.net
Fri Nov 7 21:32:11 UTC 2014


I run a pseudonymous exit node and I'm not interested in giving up my
pseudonymity by meeting people in real life.

I don't want to end up on a special interest watch list.

On Fri, Nov 07, 2014 at 03:26:40PM -0500, grarpamp wrote:
> Is it not time to establish a node operator web of trust?
> Look at all the nodes out there with or without 'contact' info,
> do you really know who runs them? Have you talked with
> them? What are their motivations? Are they your friends?
> Do you know where they work, such as you see them every day
> stocking grocery store, or in some building with a badge on it?
> Does their story jive? Are they active in the community/spaces
> we are? Etc. This is huge potential problem.
> NOWoT participation is optional, it is of course infiltratable,
> and what it proves may be arguable, but it seems a necessary
> thing to try as a test of that and to develop a good model.
> Many operators know each other in person. And the node
> density per geographic region supports getting out to meet
> operators even if only for the sole purpose of attesting 'I met
> this blob of flesh who proved ownership of node[s] x'.
> That's a big start, even against the sybil agents they'd surely
> send out to meet you.
> Many know exactly who the other is in the active community
> such that they can attest at that level. And so on down the
> line of different classes of trust that may be developed
> and asserted over each claimed operator.
> Assuming a NOWoT that actually says something can
> be established, is traffic then routable by the user over nodes
> via trust metrics in addition to the usual metrics and randomness?
> WoT's are an ancient subject... now what are the possibilities and
> issues when asserting them over physical nodes, not just over
> virtual nodes such as an email address found in your pubkey?
> And what about identities that exist only anonymously yet
> can prove control over various unique resources?
> If such WoT's cannot be proven to have non-value, then it seems
> worth doing.
> 
> This doesn't just apply to Tor, but to any node based system.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


More information about the tor-relays mailing list