Tor Convergence Notary

I’ve setup a Convergence notary as a Tor hidden service so that it’s only accessible if you’re using Tor. The project will see how well Convergence works with an anonymity system.

plm44dv2mu3v632e.onion

Convergence

Convergence is a project started by Moxie Marlinspike that attempts to remove the dependancy on CA’s as we know them and replace them with a web-of-trust style certificate verification process. Instead of maintaining a list of certificate authorities in our browser that return a binary result about the validity of that cert, we have many authorities (notaries) that come to a consensous, or at least a majority, about the validity of that cert. Here, read this:

LINK

The diagram shows an example of how the process works:

 

  1. User makes a request to an SSL website (https://mail.google.com) and collects the cert fingerprint
  2. If the anonymity feature is turned on, an HTTP CONNECT request is sent on port 4242 to the first notary. This setups up a proxy to relay requests through
  3. A convergence request to validate the website’s certificate is made to the secondary notary using its SSL port (default 443)
  4. A second convergence request is made to the first notary on its SSL port
  5. The results of the requests are tallied up to see if both agree upon the validity of the certificate

Tor in Convergence

Tor (not TOR or T.O.R. or T0ri Spelling) supports hosting a hidden service so that it exists only on the Tor network. Remember this stuff? Well what happens when you host your certificate validation infrastructure in a highly hostile anonymity network? Stuff. I think we know what some of the problems are going to be but right now I think there’s a problem with how notaries are behing shared which is over HTTP. We should be concerned about authenticity in this case because we’ll be installing that notary configuration for a while. As of now, we’re relying on the fact that there are other notaries out there that will tell us if we have a malicious one, but I’d still like to see an improved way of sharing notary configurations. What’s interesting about running a notary as a hidden service is that there is end to end encryption over the Tor network (compared to the traffic that uses an Exit Node). It’s not really a solution but seems to work around the issue for the time being.

Download my hidden service convergence bundle:

LINK | SIG