On 9/27/07, Anthony wikimail@inbox.org wrote:
The nym software has already been developed and tested. http://en.wikipedia.org/wiki/User:Lunkwill/nym The problem isn't developing the software, it's 1) getting a developer to accept the patch, and 2) getting someone to turn it on.
The fact that you know about nym makes me surprised you didn't already know that.
I knew it was mostly done, I didn't realize it had actually been proposed on WP before. Though it still needs some development work, since the current version of the software breaks SSL support for users without client certs, and it needs updated against the current codebase.
There are also some little security gotchas with the current approach like the client must "Wait a random interval sufficient to foil transaction time correlations". ... which no one is going to do because given the expect account creation rates that time required might be days. :)
The proposal needs a few other features: for example, the NYM server should probably download the enwiki block list and refuse to issue a token for IP addresses which are already blocked. I think that it should also be made possible to log in when using one of the NYM certs so the people could continue to use named psedonyms they already have established (and storing the NYM ID as the users IP).
And there a lot of open questions.. how often should the nym server reissue tokens for an IP (ever? if not what about IPs changing? yearly?) should NYM certs only be allowed for tor users? How do you prevent your client from sending your nym cert when you've turned off tor? (thus compromising your IP).