[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: torserver verified without request



On Wed, Aug 24, 2005 at 08:57:18PM +0000, losTrace@xxxxxx wrote:
> i'm running iapetus (134.130.58.205)
[snip]
> i never asked anybody to verify it. 
[snip]
>  but as far as i
> understand, nodes should only be verified on request ?!

Hi,

In early April 2005, we released 0.1.0.3-rc which included this ChangeLog
entry:
http://archives.seul.org/or/talk/Apr-2005/msg00065.html

    - More automated handling for dirserver operators:
      - Automatically approve nodes running 0.1.0.2-rc or later,
        now that the reachability detection stuff is working.
      - Now we allow two unverified servers with the same nickname
        but different keys. But if a nickname is verified, only that
        nickname+key are allowed.
      - If you're an authdirserver connecting to an address:port,
        and it's not the OR you were expecting, forget about that
        descriptor. If he *was* the one you were expecting, then forget
        about all other descriptors for that address:port.

Basically once we got reachability detection working on the server side,
it fixed most instances of servers running but being unreachable, so
the manual step of making sure that a server worked was mostly solved.

So "registering" your server is now done to bind your nickname to
your key, so nobody else can take your nickname (which would be a
security issue for users who refer to your node by nickname).

See also
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#CanIJustConfigureAndRun

Hope this helps,
--Roger