[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Possible problem with NYX

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Possible problem with NYX
From: Damian Johnson <atagar@xxxxxxxxxxxxxx>
Date: Wed, 5 Sep 2018 09:14:21 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 05 Sep 2018 12:14:32 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to; bh=hqAs7uygCVTFflXdkbWksq66e768I2r08OcoDRB1mC4=; b=sktlUElmCsDmKIJ/mpZwoAGGsrhESwOjeXDJiCy7zphd88K054l568kP/WZ9MLvrhM HrQycYx0huP8/7sbw9FEuO91XOMSlw/9w8VGiIbFUClEAE7TIACJMElOVl7CQkCDmJVN YTS+PAxmYzQ5xE7m5Jc9zXm5StFAulqVyS3V5VeQUer56lUFhmoraTVi1yH60Sv0j8Qn XlTuXinuI4RRek5xFIGXUXROQwbjl4oxc/xOJk+NRoLtLORtYSGxaLaUX6DOA9nZkXhi vTCAlWlnjzkZzc2x1EbmeYdhlmh4gGVe2Kjmd+P9RcOuEVlQmt2CXi0IqqyUX+xHC+mx huUQ==
In-reply-to: <3E94D3EC-A3FA-4F73-A77E-E521CC6E1A80@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <7a6e7d31-3416-b81d-c373-73673b7944b7@cni.net> <CAJdkzEO25kSgyEC=QVG8XChztPw+D2BRYaSmt50j-hN6Aq8hdw@mail.gmail.com> <3E94D3EC-A3FA-4F73-A77E-E521CC6E1A80@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

> There are so many edge cases for this check.
>
> Flags are a *recommendation* to clients. They don't force clients
> to behave a certain way.
>
> For example:
> * clients connecting via bridges can use a middle node as their
>   second hop. These middle nodes will leak bridge addresses via nyx.
> * clients and relays can have different consensuses:
>   * if a relay loses the Guard flag, and finds out earlier than its clients,
>     nyx will stop protecting those clients
>   * if a client finds out before the relay, nyx won't protect those clients
> * some Tor client versions don't check the guard flag at all. Others
>   keep their guards, even if they lose the flag
> * middle and exit relays can be used as bridges, even if they don't set
>   BridgeRelay
> * older Tor versions have a non-zero probability of choosing any relay
>   as an entry, even if it doesn't have the guard flag
> * various config options make tor clients ignore the Guard flag
>
> Please only show an IP if the relay is already public in the consensus.

Thanks teor, great point. Will do:
https://trac.torproject.org/projects/tor/ticket/27475
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Possible problem with NYX
  - From: arisbe
- Re: [tor-relays] Possible problem with NYX
  - From: Damian Johnson
- Re: [tor-relays] Possible problem with NYX
  - From: teor

Prev by Author: Re: [tor-relays] Policy Question: Tor Exits at Universities, Corporate Networks, etc
Next by Author: Re: [tor-relays] Possible problem with NYX
Previous by thread: Re: [tor-relays] Possible problem with NYX
Next by thread: [tor-relays] Multi node management programs/platforms?
Index(es):
- Author
- Thread