Hacker News new | ask | show | jobs
by mirimir 3550 days ago
How would users know that tokens had actually been signed blindly?
1 comments
yorwba 3550 days ago
If the tokens are never sent, only their blinded versions, it is pretty much guaranteed that the signature you get back was made without looking at the actual token.
link
mirimir 3550 days ago
I get that. What I wonder is who would nontechnical users need to trust about that? CloudFlare? The Tor Project?
link
Ar-Curunir 3550 days ago
I'm not sure, but it can be done with just CloudFlare changes; if the plugin is open source it should be fine. Maybe if Tor Browser integrates the plugin it should be fine too.
link
mirimir 3550 days ago
Optimal would be only needing to trust the Tor Project.
link