[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21530 [Core Tor/Tor]: Make ExitRelay 0 the default when there is no exit policy

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #21530 [Core Tor/Tor]: Make ExitRelay 0 the default when there is no exit policy
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 13 Sep 2018 19:21:28 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 13 Sep 2018 15:21:38 -0400
In-reply-to: <044.147422aad4459526b3dee3a299c743c0@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.147422aad4459526b3dee3a299c743c0@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21530: Make ExitRelay 0 the default when there is no exit policy
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  neel
     Type:  defect                               |         Status:
                                                 |  merge_ready
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.5.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-exit tor-relay configuration     |  Actual Points:
  usability expectations                         |
Parent ID:                                       |         Points:  1
 Reviewer:  mikeperry                            |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by arma):

 Right, hm. I think the main scenario we want to try to handle is the one
 where a relay operator intends to be running an exit relay, and even
 checked the exit policy on their relay and confirmed that it was what they
 wanted, but they haven't messed with the ExitRelay config option. In this
 case, when they upgrade, their exit policy will silently become something
 different than it used to be, and it would be smart for us to think
 through how they're supposed to learn about this surprise.

 One option would be to make it very obvious in the ChangeLog, like turn it
 into a Major thing rather than a Minor thing. That's good but not enough
 imo.

 Another option would be some log lines to help them know what's happening.
 I think there's a lot to be said for a notice-level log explaining *why*
 we decided to set the exit policy to reject-all.

 We could imagine fancier approaches, like looking at the TorVersion line
 in the state file and giving them a warning if they have the right
 combination of config settings. But doing that warning only once (before
 the TorVersion in the state file gets updated, that is) is risky since
 it's so easy to miss warnings. So I think this approach wouldn't be worth
 building.

 Another option would be to have some script that looks at the network for
 relays that used to be exits using the default exit policy, and then
 stopped being exits when they moved to this new version. Then we contact
 those people to let them know about the potential surprise. That option
 would be a winner except: what do we do about the people who don't set a
 usable ContactInfo?

 Summary: my suggestion would be to add the notice-level log explaining why
 we're opting not to be an exit relay (that log line will be helpful to
 relay operators forever), and then also monitor the network and reach out
 to relays that look like they got hit with this surprise.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21530#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #5531 [Applications/Tor Browser]: Local config file for Flash Player
Next by Author: Re: [tor-bugs] #27653 [Metrics/Analysis]: Change from 3 month to 6 month in tshirt script
Previous by thread: Re: [tor-bugs] #21530 [Core Tor/Tor]: Make ExitRelay 0 the default when there is no exit policy
Next by thread: Re: [tor-bugs] #21530 [Core Tor/Tor]: Make ExitRelay 0 the default when there is no exit policy
Index(es):
- Author
- Thread