[guardian-dev] Public Web of Trust Must Die?

Peter Todd pete at petertodd.org
Fri Jul 12 02:26:21 EDT 2013 

On Thu, Jul 11, 2013 at 01:19:05PM -0400, Hans of Guardian wrote:
> The web-of-trust (WoT) does not have to be a binary, all or nothing thing.  The public WoT is a very useful thing and there are certain things that it solves that are only possible by having the data public, for example software distribution like Debian, etc..  But we are also thinking about other use cases.   For example, if you are part of a large group of people organizing a protest in a repressive country, you'll be talking to a group of people larger than the people you know, but that information does not need to be public for it to be effective.
>
> You can have offline, peer-to-peer syncing of the certification signatures, so you know that the only of people who have this p2p WoT data will be people who have physically met up.  Sure, someone could leak that info, but that is always the case, like Snowden just demonstrated with Top Secret NSA and FISA data.  There could be an even more limited WoT where you enforce how many hops away the people are before they are allowed to be sync.  Like only people two hops away would be synced, so when you sync with someone, only the people they have directly signed would be synced with you.

Ah good, in that case we're in agreement.  It would be interesting if
fancy crypto can enforce attributes of such a WoT - for instance you can
create ring signatures where any member of a group could have been the
signer, but determining who is impossible. It might be useful if the
whole group is the one signing keys, but who exactly is doing so isn't
possible to know. Ring signatures could give plausible deniability as
well by including unrelated people in the ring set. That said more
simple rules like the n-hop one you suggest may prove to be safer in the
context of user understanding.

Anyway, it's not that I see such concerns as unimportant, it's just that
the linked article on cryptome.org throws the baby out with the
bathwater.

-- 
'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20130712/4ef40b85/attachment.pgp>

More information about the Guardian-dev mailing list