[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Blocked by my ISP?-Solved.But Additional Question.



On Sat, Jun 21, 2008 at 09:13:02PM -0700, Luis Maceira wrote:
> The question: can I use the FQDN or IP preferably,
> instead of nicknames,in torrc entrynodes,exclude
> nodes,exitnodes options?I have read something
> lately about the functioning of the Tor system,
> and it seems the directory servers/client initial
> dialog to determine the running nodes is protected
> by strong authentication,but when I access
> a listing of running nodes(by country,etc.)
> using https://stat.xenobite.eu(for example) with a
> webbrowser,how do I have assurance that the
> nicknames correspond to the real IP address?


Nicknames are not guaranteed to be unique.
You can use the router fingerprint instead,
wherever it says to specify a nickname in the torrc manual.

https://www.torproject.org/svn/trunk/doc/spec/dir-spec.txt
"
   2.3. Nonterminals in router descriptors

      nickname ::= between 1 and 19 alphanumeric characters ([A-Za-z0-9]),
         case-insensitive.
      hexdigest ::= a '$', followed by 40 hexadecimal characters
         ([A-Fa-f0-9]). [Represents a server by the digest of its identity
         key.]
"

> Does Tor check based on the strong authenticated
> listing received upon initial dialog with the
> directory servers the authenticity of the pairs
> nicknames/computers we could set up in exitnodes etc.
> of torrc?

The above cited document describes in section 3.3 
how nickname-to-identity-key mappings are maintained
and how the Named flag could be conferred upon your router.