You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: _pages/garner.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,17 +20,17 @@ A developer tool that provides a Tor endpoint for self-sovereign identity. It se
20
20
21
21
## Why is Garner Important?
22
22
23
-
Garner serves self-sovereign identity documents. It has five major advantages over use of `HTTPS` or even bare `tor`.
23
+
Garner serves self-sovereign identity documents. It has five major strengths, many of them advantages over use of `HTTPS` or even bare `tor`.
24
24
25
-
**Self-Sovereignty:** The ultimate goal of Garner is self-sovereignty. [XIDs](/xid/) allow users to have a truly self-sovereign identity that they can issue, hold, and redact as they see fit. Garner offers the next step, because it allows them to also serve their own identity documents in a self-sovereign way.
25
+
**Self-Sovereignty:** The ultimate goal of Garner is self-sovereignty. [XIDs](/xid/) allow users to have a truly self-sovereign identity that they can issue, hold, and redact as they see fit. Garner offers the next step because it allows them to also distribute their own identity documents in a self-sovereign way.
26
26
27
27
**Accessibility:** Garner is easy to install: it's just a cargo install. It's also easy to run: there are just three commands, one to generate a keypair, one to start a server, and one for a remote user to get your content. This is a huge accessibility advance over HTML, which requires the setup of complex Apache config files and the acquisition of a certificate, all of which will be beyond the average user.
28
28
29
-
**Privacy:** Because Garner runs across the Tor network, everything is private. Your identity serving address is hidden (protecting any pseudonymous identities) and the requester's address is hidden. Perhaps most importantly, this makes the identity documents served through Garner censorship-resistance. As long as Tor is available, no attacker can prevent you from serving them or the requester from asking for them.
29
+
**Privacy:** Because Garner runs across the Tor network, everything is private. Your identity serving address is hidden (protecting any pseudonymous identities) and the requester's address is hidden. Perhaps most importantly, this makes the identity documents served through Garner censorship-resistant. As long as Tor is available, no attacker can prevent you from serving them or the requester from asking for them.
30
30
31
-
**Authentication:** Garner builds its Tor address from the private key you supply, which means that your running a Garner server (which other people connect to with the corresponding public key) implicitly offers live proof of key control. This is very powerful authentication: remote users know that you controlled the private key when the server was started. Not only does this avoid the need for external dependencies like DNS or a Certificate Authority (CA), but it also protects from stale-signature and post-compromise replay attacks.
31
+
**Authentication:** Garner builds its Tor address from the private key you supply, which means that you're running a Garner server (which other people connect to with the corresponding public key) implicitly offers live proof of key control. This is very powerful authentication: remote users know that you controlled the private key when the server was started. Not only does this avoid the need for external dependencies like DNS or a Certificate Authority (CA), but it also protects from stale-signature and post-compromise replay attacks.
32
32
33
-
**Security:** Garner is purposefully very constrained. It is not a general-purpose web-server, but only a limited identity-document server. This is an intentional design to minimize its attack surface. It was also built in close coordination with Tor technology, through use of the [official Arti crate](https://gitlab.torproject.org/tpo/core/arti/), which should also improve its security level.
33
+
**Security:** Garner is purposefully very constrained. It is not a general-purpose web-server, but only a limited identity-document server. This is an intentional design to minimize its attack surface. Garner was also built in close coordination with Tor technology through use of the [official Arti crate](https://gitlab.torproject.org/tpo/core/arti/), which should improve its security level.
34
34
35
35
## How Does Garner Work?
36
36
@@ -51,4 +51,4 @@ This allows the pseudonymous, censorship-resistant, self-sovereign distribution
0 commit comments