On Wed, Aug 03, 2016 at 09:54:38AM +0000, isis agora lovecruft wrote: > Hello all, > > Today, I am very excite to take a field trip (!!) to a datacenter (!!!) with > some most excellent folks from Greenhost (DrWhax and Sacha!!!). We will be > racking a server and installing an OS on it, and getting it ready to be a new > Bridge Authority to replace Tonga. > > Earlier this week, David Goulet and I got a Bridge Authority up and running in > a test network, so perhaps a logical step will be to put the new Bridge Auth > into the test network and ensure that it's at least cursorily behaving. Subject to the desire to avoid releasing security-sensitive info that an attacker could use to compromise that authority, it'd be good to have a public writeup of how the server is setup, and what security precautions have been taken to prevent its compromise, including software and hardware security. I think this would have a lot of value both for Tor project transparency, as well as educational value for the wider community. In the Bitcoin community I'm a part of failures in operating sufficiently secure trusted servers have caused a number of disasters - and are an ongoing risk - so I'd love to be able to point people to the Tor project as an example of good practices. Equally, in the Bitcoin community some companies are gradually getting better at this - Blockstream as an example will need to setup a number of trusted servers for its Liquid sidechain technology - and I'm sure at least some of those companies would be also willing to make public how they've tackled the challenge of setting up trusted servers. -- https://petertodd.org 'peter'[:-1]@petertodd.org
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-project mailing list tor-project@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project