[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #26778 [Core Tor/Tor]: Enable supporting multiple bridge authorities

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #26778 [Core Tor/Tor]: Enable supporting multiple bridge authorities
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 19 Jul 2018 15:47:41 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 19 Jul 2018 11:47:49 -0400
In-reply-to: <052.471fc8eb2a2967cdb4e18e74fae57471@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <052.471fc8eb2a2967cdb4e18e74fae57471@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#26778: Enable supporting multiple bridge authorities
-------------------------------------------------+-------------------------
 Reporter:  chelseakomlo                         |          Owner:  (none)
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-bridges needs-testing? needs-    |  Actual Points:
  proposal?                                      |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by chelseakomlo):

 Replying to [comment:5 gman999]:
 > >A bridge should be able to select a bridge authority from the list of
 authorities, where multiple >bridge authorities can be represented, and
 try one at a time until it is able to successfully upload >its descriptor.
 >
 > I thought the data was being *pushed* by the bridge authority, not
 pulled.

 The bridge authority pushes data to BridgeDB, but bridges themselves push
 data to the bridge authority, iiuc.


 > Ultimately, if I'm reading this right, it's:
 >
 > * a single bridge authority, which lessens opportunity for bridge
 discovery, yet becomes a single point of failure.

 I would add a single bridge authority increases probability for single
 point of failure. This could have any number of causes- maybe the plug is
 pulled on the server, the operator gets run over by a bus (hopefully not),
 or the server is DDOSed/attacked/etc. Regardless, having some spread in
 case of failure, IMO, would be ideal.


 > * multiple bridge authorities, with increases chance of bridge
 discovery, but decentralized and more resilient.

 I'm not sure I understand how multiple bridge authorities increases the
 chance of bridge discovery. If an adversary can discover/query one bridge
 authority, how does this limit bridge discovery as opposed to an adversary
 being able to discover/query multiple authorities? As I understand, we
 want to minimize the number of entities which hold the complete list of
 bridges as holding this data in itself is risky, but adding more
 authorities shouldn't make bridges more discoverable to external entities
 (as I understand, please correct me if I'm wrong).


 > Maybe reworking through the threat model on bridge discovery and past
 experiences could be worthwhile to make a more informed decision on this?

 That sounds good to me, I would be interested to hear about past
 experiences as well.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26778#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #26778 [Core Tor/Tor]: Enable supporting multiple bridge authorities
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #24629 [Core Tor/Tor]: Activate osx builds on travis, at low priority
Next by Author: Re: [tor-bugs] #26831 [Core Tor/Torsocks]: Feature: conditionally allow non-localhost inbound connections with command-line flag
Previous by thread: Re: [tor-bugs] #26778 [Core Tor/Tor]: Enable supporting multiple bridge authorities
Next by thread: Re: [tor-bugs] #25819 [Internal Services/Service - jenkins]: Email committers on jenkins compile+test failures
Index(es):
- Author
- Thread