[tor-dev] Proposal idea: Require majority of authorities to vote for consensus parameters

2011-02-21 Thread Sebastian Hahn
Filename: xxx-param-voting.txt Title: Require majority of authorities to vote for consensus parameters Author: Sebastian Hahn Created: 16-Feb-2011 Status: Draft Overview: The consensus that the directory authorities create may contain one or more parameters (32-bit signed integers) that influen

Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt

2011-02-21 Thread Chris Palmer
On Feb 21, 2011, at 12:54 PM, Adam Langley wrote: > I agree that forcing collateral damage is the key here. The current > code generates `random' certificates, but it's pretty easy to pattern > match them and there's no collateral damage to doing so. The thing that seems most correct to me, and m

Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt

2011-02-21 Thread Adam Langley
On Mon, Feb 21, 2011 at 2:34 PM, Tim Wilde wrote: > Any static list is going to, by definition, have to exist within the > source code, and thus will be very easy for an even moderately > determined censor to find.  If we're going to do that we had better be > doing it with something that we know

Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt

2011-02-21 Thread Tim Wilde
On 2/21/2011 1:54 PM, Adam Langley wrote: > "Internet Widgits Pty Ltd" is the OpenSSL default. "Hewlett-Packard > Co." are JetDirect printers. "Fortinet Ltd." is some gateway > manufacturer. > > Tor doesn't have to pick a single type I believe. It cou

Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt

2011-02-21 Thread Adam Langley
On Mon, Feb 21, 2011 at 1:36 PM, Nick Mathewson wrote: > Aha.  Let's see if I have the tor-dev address right at long long last. >  Apologies to Peter, who will have received more than one copy of this > already. I did a quick scan of a subset of the EFF Observatory data (where `subset' is defined

Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt

2011-02-21 Thread Nick Mathewson
Aha. Let's see if I have the tor-dev address right at long long last. Apologies to Peter, who will have received more than one copy of this already. (Apparently, I am told, the "lists." in tor-dev@lists.torproject.org is not optional.) On Mon, Feb 21, 2011 at 12:52 PM, Nick Mathewson wrote: >

[tor-dev] SSL Observatory Observations

2011-02-21 Thread Tim Wilde
G'morning all! Last weekend's hackfest inspired me to attempt to run some numbers on the EFF SSL Observatory data[1], in particular looking at two things: the commonality of the "Internet Widgits Pty" organization string (a default in OpenSSL's CSR ge