Proposals 1, 2 and 1.1 arguments¶
See Proposal 1 (P1) design, Proposal 2 (P2) and Proposal 1.1 (P11).
Pro and con arguments for the different proposals discussed after juga’s presentation on January 12, 2021 [MixmailerSlides] .
Stratified topology¶
- arguments against:
- attacks on the exits
- authorities decide the possition
- nodes should decide the route (free-routing)
j counterarguments:
- attacks on exits:
- do not deanonymize sender, nor their location, per se
- can be done by any operator that runs the exit:
- reason why TLS is recommended (avoid MiTM)
- if target is the receiver, it is easy to find the “random” exit
- intelligence agencies try more sophisticated attacks trying to deanonymize the whole path
- it’s the node that decide the possition in Loopix
Authorities¶
j arguments:
- they’re needed so that:
- all clients have the same view of the network, otherwise sybil attack
- can reward/penalize nodes that go on and off, missbehave, etc.
- counterarguments:
- it’s the nodes which take those decissions.
TLS¶
j arguments:
- avoid clear metadata at last hop
- Let’s Encrypt has helped a lot to do not depend on 3rd party entities
- counterarguments:
- 0 trust on TLS
Message size¶
j arguments:
- can’t pad while not possible to predict final size, what is only possible with same OpenPGP algo. and without compression
- need of fixed size (huge) padding so that the attacker doesn’t know in which position of the route is the message
- counterarguments:
- random padding, if message is too big and it’s know it’s at 1st possition in path, bad luck
OpenPGP¶
V.: pEp is not OpenPGP/MIME when 2 pEp clients talk, but it’s OpenPGP/MIME compatible when the receiver is not pEp client.
GNS¶
V.: it’s needed that GNUnet implements a GNS library
Other¶
V.: all this should be impemented in the engine including GNS resolving/registering
Katzenpost¶
j arguments:
- we can rewrite mail proxy. License of nodes running software doesn’t matter cause pEp is not going to run them
- contrarguments: not the technical solution we want