No worries. You’ve got your areas of expertise and your own things to work on—and this is where I think my time can be spent with the maximal expected positive outcome.
What makes you think that vote is going to come from an individual and not from a bot
I was using democracy vs monarchy more as a general example. :) But for this question—how is it remotely possible that Wikipedia is at least as good as the Brittanica? Yes, there are flaws and failure modes and trolls—but the overall mass of people of good will can, with the right infrastructure in place, work together to outweigh the few bad apples. I believe that infrastructure is vastly under-rated in its effects, and given how few people I can find actually working on infrastructure-level solutions to distributed identity assertion, even my relatively unskilled cryptogeek self has an opportunity to leverage something useful here.
And even if the whole thing crashes and burns, then I’ll still have learned a good deal about building such infrastructure for my /next/ attempt. I’ll consider it a net win even if I only get as far as getting my name on an RFC—that’ll give me some cred to build on for such future attempts.
That’s not what I had in mind. I had in mind deliberate attacks on the system by malicious and highly skilled people.
Do a threat analysis—see how your proposed systems holds up under attack from various entities (e.g. (a) script kiddies; (b) a competent black hat; (c) a bunch of competent black hats controlling large botnets; (d) government).
That’s part of why I haven’t gotten very far in fiddling with webfist. I may, in fact, may have to use something else as the basis of the key-exchange protocol—but, like vCard, it already does most of what I want to do, so I’m hoping I can save some time and effort by adapting the existing method instead of starting from scratch.
Looking at what I’m currently doing with vCard from that point of view, it’s already possible to publish a PGP key publicly—see the various keyservers. And if a user wants to use that method, they can have their signed vCard point to it. Signed vCards simply allow for a few more options for key-publication, key-signing, and key-revocation. There doesn’t seem to be any new attack-vectors outside of the ones that already exist; so the main security work is going to be hammering out the key-exchange and -verification protocols. Heck, for that, I could probably even get away with just sending signed-and-encrypted blobs with UUCP or Tor or bluetooth or QR codes, if I set my mind to it. (Traffic analysis of that last one would be something of a pain, requiring analysis of, you know, actual traffic. :) )
In short, I’m not locked into a doomed security model just yet. And as I’m writing this proto-RFC, I’m working on making contacts with enough crypto-type people to have a shot at avoiding building a security system good enough that /I/ can’t break it. (Feel free to point some crypto-geeks or security experts in my direction, if you know any.)
No worries. You’ve got your areas of expertise and your own things to work on—and this is where I think my time can be spent with the maximal expected positive outcome.
I was using democracy vs monarchy more as a general example. :) But for this question—how is it remotely possible that Wikipedia is at least as good as the Brittanica? Yes, there are flaws and failure modes and trolls—but the overall mass of people of good will can, with the right infrastructure in place, work together to outweigh the few bad apples. I believe that infrastructure is vastly under-rated in its effects, and given how few people I can find actually working on infrastructure-level solutions to distributed identity assertion, even my relatively unskilled cryptogeek self has an opportunity to leverage something useful here.
And even if the whole thing crashes and burns, then I’ll still have learned a good deal about building such infrastructure for my /next/ attempt. I’ll consider it a net win even if I only get as far as getting my name on an RFC—that’ll give me some cred to build on for such future attempts.
That’s not what I had in mind. I had in mind deliberate attacks on the system by malicious and highly skilled people.
Do a threat analysis—see how your proposed systems holds up under attack from various entities (e.g. (a) script kiddies; (b) a competent black hat; (c) a bunch of competent black hats controlling large botnets; (d) government).
That’s part of why I haven’t gotten very far in fiddling with webfist. I may, in fact, may have to use something else as the basis of the key-exchange protocol—but, like vCard, it already does most of what I want to do, so I’m hoping I can save some time and effort by adapting the existing method instead of starting from scratch.
Looking at what I’m currently doing with vCard from that point of view, it’s already possible to publish a PGP key publicly—see the various keyservers. And if a user wants to use that method, they can have their signed vCard point to it. Signed vCards simply allow for a few more options for key-publication, key-signing, and key-revocation. There doesn’t seem to be any new attack-vectors outside of the ones that already exist; so the main security work is going to be hammering out the key-exchange and -verification protocols. Heck, for that, I could probably even get away with just sending signed-and-encrypted blobs with UUCP or Tor or bluetooth or QR codes, if I set my mind to it. (Traffic analysis of that last one would be something of a pain, requiring analysis of, you know, actual traffic. :) )
In short, I’m not locked into a doomed security model just yet. And as I’m writing this proto-RFC, I’m working on making contacts with enough crypto-type people to have a shot at avoiding building a security system good enough that /I/ can’t break it. (Feel free to point some crypto-geeks or security experts in my direction, if you know any.)