sks-devel

Re: [Sks-devel] Tor hidden service - what's the rationale?


From: Robert J. Hansen
Subject: Re: [Sks-devel] Tor hidden service - what's the rationale?
Date: Fri, 13 Nov 2015 17:34:47 -0500

> On the server side, the only use case (which is actually a good use
> case), I see, would be that we could basically hide keyservers from
> powerful players, that may e.g. force a larger number of keyserver
> operators to delete, obstruct, etc. certain keys or parts of them,
> which may help them in their evil doings.

Even then, I'm unconvinced this is even possible.  The footprint
associated with running a keyserver is vast and covers an awful lot more
than just anonymizing TCP/IP connections.

If you want to run an anonymous and deniable service then you're going
to need to break out some serious spy tradecraft: you're going to need
to find a hosting company that won't ask questions... maybe set up a
shell corporation to pay the bills... figure out some way to sanitize
all ties between you and the shell corporation... and all the while
you're doing this, you're becoming *more* visible to the Powers That Be,
because you're acting like either a foreign intelligence service or a
narcosyndicate.

Any discussion about anonymizing the server side needs to also include
provisioning, sanitization, and burn care.  (Burn care: "oh crap, the
Bad Guys know my IP address and they're looking into the shell
corporation.  What do I do now?"  Burn care is what you do after you've
been burned.)

If you're not having a discussion about practical tradecraft, then
really, talk about server-side anonymity amounts to a bunch of exercises
in masturbatory paranoia.

And if you *are* having this discussion, then congratulations, you just
became Quite Interesting(tm) to some very interesting people.

I'm inclined to let this entire thing lie.


