[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
From: Ralph Seichter <m16+tor@xxxxxxxxxxxxxxx>
Date: Tue, 12 Sep 2017 22:55:39 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 12 Sep 2017 16:55:59 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=monksofcool.net; s=bravo; t=1505249740; bh=nJvMCb2fElqdU2Mc5QKqe43juGvgFcLdLh9P2diWcHY=; h=Subject:To:References:From:Message-ID:Date:User-Agent:In-Reply-To: Content-Type:Content-Language; b=Ot1MQaHJEivih8vRSs9MtIWMprTqy8v87oOGZB6aPG6KhWdc81yudvZd26hwXcd8L eaj1u4NJ1k6M9KaJF9ic5JhdAAp1xScO0bEH8ZbZdxJFJ63kiiSz966uXRbx9k1LgE tNTDi2DDagQt6+5djl2vPha8/RWXSg87/teQgufDN29COoiGwUbuBVoGoGd0kwGvaW TOR2jJOM8QGKATe0DXPrO2m3RVqrZIi/wG7QeIAhLn1E9sQlMQYpV+kBckdNfcDqN+ KN1/aM7DAeWH9uc8CGMCcXstfONAcmdCjf415k3x0gaxlBnefLLL1tseUMULC/2zCd uW5a37lj0qMDw==
In-reply-to: <007f01d32c07$cec0ee60$6c42cb20$@gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays $exit, non-exit, bridge$" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <2076505303.1710424.1505247083310.JavaMail.zimbra@laposte.net> <521456ee-f381-d49a-082a-b48681cd5d61@monksofcool.net> <007f01d32c07$cec0ee60$6c42cb20$@gmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.3.0

On 12.09.17 22:43, Igor Mitrofanov wrote:

> Every Tor relay can have a simple resolver built-in, and/or perhaps
> all Tor relays could be running a DHT-style global DNS cache.

"Simple resolver" won't do, IMO. It must be robust and fully DNSSEC
capable, which means reinventing the wheel. There is enough good DNS
resolver software available. Why invest time and effort in writing yet
another resolver, when the developer resources can be spent on Tor's
core functionality instead? I don't like the idea of feature creep.

> I am basically not sure if DNS is a high-priority vulnerability right
> now, or just a distraction.

That's what I am asking myself as well.

-Ralph
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
  - From: jpmvtd261
- Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
  - From: Ralph Seichter
- Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
  - From: Igor Mitrofanov

Prev by Author: Re: [tor-relays] Tor-arm failure
Next by Author: Re: [tor-relays] About relay size
Previous by thread: Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
Next by thread: Re: [tor-relays] HOW-TO: Simple DNS resolver for tor exit operators
Index(es):
- Author
- Thread