Encryption on Mailing lists sensless?
Robert J. Hansen
rjh at sixdemonbag.org
Wed Nov 19 21:15:34 CET 2014
> He’s mainly explaining how do you fight spam in a centralized way, and
> then explain how all the centralized techiques are unusable when using
> crypto. That’s normal, crypto and decentralization comes together. You
> need to think according other paradigms.
And the point I'm making is this: this setup, which works, is what we
will have to discard and replace if we move to E2E crypto.
I'm not saying decentralized systems can't work. I'm saying that before
we throw out our current system, we need to look long and hard at what
it does, why it does it, and how effective it is -- because as soon as
we adopt E2E crypto this thing goes completely away and we're going to
need to rebuild it in a quite different way.
> I don’t consider that an issue. Quite the opposite: the result —and we
> always end finding it— is *beautiful*.
No, you don't always end up finding it (where 'it' is 'a decentralized
algorithm that offers efficiency equivalent to a centralized
algorithm'). There are many algorithms that have no known
equivalently-performing decentralized alternative, algorithms where
global knowledge is strictly necessary.
Decentralized algorithms also have really interesting failure modes.
Back in 2008, a one-bit error in Amazon's S3 cloud propagated from one
node to the next and ultimately brought the entire thing down for
several hours. It was a brilliant example of both error propagation and
the limits of Byzantine fault tolerance.[1]
I'm a firm believer that decentralized algorithms are a good thing, but
let's keep our sense of perspective, all right? They're not magic and
they don't always beat centralized algorithms.
[1] http://status.aws.amazon.com/s3-20080720.html -- a really
fascinating read if you love decentralized algorithms.
More information about the Gnupg-users
mailing list