by mullen 3197 days ago
> Tying things to a phone number makes sense in order to reduce Sybil attacks, but I think that OWS could operate a phone-number-based identity service which would be relied upon by federated Signal servers, reducing the degree of centralisation while still preserving Sybil resistance. This matters because without Sybil resistance it'd be pretty easy for a malicious party to send a Signal user 10,000,000 messages per second, saturating his data connexion and depleting his battery; tying identity to phone number makes it easier to limit & block such bad actors.

I think people who are for anonymous use of Signal don't understand that the bulk of Signal's users don't want anyone who is anonymous to contact them. If I don't know who you are or I cannot track you down, then you can't contact me.

1 comments

I don't think too many people want the people they communicate with using Signal to be anonymous to them; they want them to be anonymous to Open Whisper Systems. Ideally, OWS would have no way to know that I'm talking to my best friend, or who we are.

Getting that to work is tricky, but it'd be awesome.

I can imagine a system where users prove possession to OWS of their phone numbers via SMS — as they currently do — and OWS issues them certificates using some sort of blind signature scheme; they can then use those certificates to prove to any server they talk to that they are someone with an identity, and the server can use a subsidiary certificate to demonstrate to other servers that it's acting on behalf of someone with an identity (but not whose identity), and the recipient's server can rate-limit based on that identity, and potentially even record information to aid in manually tracking someone down — without revealing the identity in normal use.

I could be wrong, and I've definitely not proven that it can work. But I think it can be made to.
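
An added sketch of the issuance step imagined in the reply above, not part of either comment and not Signal or OWS code: textbook RSA blind signing, where the issuer checks the phone number but only ever sees a blinded value, and the recipient's server rate-limits per credential. The key is a constructed toy (Mersenne primes, no padding), the names `Issuer`, `RateLimiter` and `obtain_credential` are hypothetical, and the server-to-server subsidiary certificates are left out.

```python
import hashlib, math, secrets

# Constructed toy key: Mersenne primes and unpadded RSA, for illustration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # issuer's private exponent

def digest(token: bytes) -> int:
    return int.from_bytes(hashlib.sha256(token).digest(), "big")

def blind(token: bytes):
    """User side: mask the token hash with r^E so the issuer cannot read it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return digest(token) * pow(r, E, N) % N, r

def unblind(blind_sig: int, r: int) -> int:
    """User side: strip r, leaving an ordinary signature on the token."""
    return blind_sig * pow(r, -1, N) % N

def verify(token: bytes, sig: int) -> bool:
    """Any server: check the issuer's signature using only the public key."""
    return pow(sig, E, N) == digest(token)

class Issuer:
    """Signs one blinded value per SMS-verified phone number (Sybil resistance)."""
    def __init__(self):
        self.issued = set()
    def sign(self, phone: str, sms_verified: bool, blinded: int) -> int:
        if not sms_verified or phone in self.issued:
            raise PermissionError("no credential for this number")
        self.issued.add(phone)
        return pow(blinded, D, N)  # issuer sees phone and blinded, never the token

class RateLimiter:
    """Recipient's server: counts messages per credential, not per phone number."""
    def __init__(self, limit: int):
        self.limit, self.count = limit, {}
    def accept(self, token: bytes, sig: int) -> bool:
        if not verify(token, sig):
            return False
        self.count[token] = self.count.get(token, 0) + 1
        return self.count[token] <= self.limit

def obtain_credential(issuer: Issuer, phone: str):
    token = secrets.token_bytes(32)  # pseudonym the user shows to servers
    blinded, r = blind(token)
    return token, unblind(issuer.sign(phone, True, blinded), r), blinded
```

The issuer's record links the phone number only to `blinded`, which is statistically independent of `token`, so a server presenting `(token, sig)` reveals that some verified number stands behind it but not which one.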