Re: Tor exit nodes

To: PICCA Frederic-Emmanuel <[email protected]>
Subject: Re: Tor exit nodes
From: Gunnar Wolf <[email protected]>
Date: Mon, 9 Oct 2017 10:38:30 -0500
Cc: Russell Coker <[email protected]>, "[email protected]" <[email protected]>
Delivered-to: [email protected]
Delivered-to: [email protected]
In-reply-to: <A2A20EC3B8560D408356CAC2FC148E53BB448C67@SUN-DAG3.synchrotron-soleil.fr>
List-archive: <file://master.debian.org:~debian/archive/debian-private/>
List-help: <mailto:[email protected]?subject=help>
List-id: <debian-private.lists.debian.org>
List-post: <mailto:[email protected]>
List-url: <https://lists.debian.org/debian-private/>
Old-return-path: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <A2A20EC3B8560D408356CAC2FC148E53BB448C67@SUN-DAG3.synchrotron-soleil.fr>
Resent-date: Mon, 9 Oct 2017 15:38:53 +0000 (UTC)
Resent-from: [email protected]
Resent-message-id: <K4HKe7QtJKK.A.iJC.Ng52ZB@bendel>
Resent-sender: [email protected]
User-agent: NeoMutt/20170113 (1.7.2)

PICCA Frederic-Emmanuel dijo [Mon, Oct 09, 2017 at 10:01:57AM +0000]:
> What about providing a gnupg key for all DD, in order to store their private keys.
> 
> PS: I am not interested myself, since I own a nitrokey, but it would be great if
> DD could setup something more secure like this easily.

Our threat model includes (emmm... Actually, _does its best to_
include, as there are some attacks possible) *one* DD going rogue —
That is, we won't accept a request for a key transition with only one
signature (because a single DD might be trying to steal somebody's
identity).

We cannot trust all of our private keys to be in a place *any* of us
can get to. Your identity is yours and yours alone.

What you could do is to split your private key in several secrets,
just as outlined by Chris Lamb in his latest post:

    https://chris-lamb.co.uk/posts/python-gfshare-secret-sharing-in-python

You could split your key in n pieces, and set a threshold to require
only m of them to recover it. Send it to friends _you_ trust.

We cannot assume to ultimately trust each other with our identity. We
are close to a thousand people.

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: Tor exit nodes
  - From: Gunnar Wolf <[email protected]>

References:
- Dmitry Bogatov arrested in Moscow
  - From: Dmitry Shachnev <[email protected]>
- Re: Dmitry Bogatov arrested in Moscow
  - From: Alexander Gerasiov <[email protected]>
- Tor exit nodes
  - From: Russell Coker <[email protected]>
- Re: Tor exit nodes
  - From: Gunnar Wolf <[email protected]>
- RE:Tor exit nodes
  - From: PICCA Frederic-Emmanuel <[email protected]>

Prev by Date: Re: Tor exit nodes
Next by Date: Re: Tor exit nodes
Previous by thread: Tor exit nodes
Next by thread: Re: Tor exit nodes
Index(es):
- Date
- Thread