[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] understanding client side enforced families ('NodeFamily' parameter)

Hash: SHA512

> I'd like to properly understand the implications of tor's
> 'NodeFamily' config option and if there is a DirAuth enforcable
> config option similar to this client side option (something I did
> not find in the man page yet).
> names convention I'm using in this email
> * undeclared family a confirmed (by the operator) or likely group
> of relays operated by a single entity or group
> * declared family a family defined by the list of fingerprints a
> given relay publishes in the family line of its descriptor (for
> simplicity we assume there are only fingerprints and ignore
> everything else).
> * effective family the overlapping list of fingerprints between
> declared family and mutually agreed relationships. The effective
> family might be smaller (in terms of element count) or equal but
> never bigger than the declared family.
> * client family family defined by the list of fingerprints
> configured on a tor client via 'NodeFamily'
> * real effective family the set of fingerprints considered to be in
> family after evaluating effective families and NodeFamily torrc
> config lines
> I assume a tor client becomes more unique as soon as he uses the 
> NodeFamily option but this "uniqueness" is expected to be hardly 
> measurable as long as NodeFamily is used reasonably (and the risks
> of using multiple relays from a given undeclared family are
> expected to be greater than this newly introduced uniqueness).
> Questions
> - Is it possible to (accidentally) reduce the size (by element
> count) of a real effective family by using NodeFamily or is the
> real effective family size always the bigger of size(effective
> family) and size(client family)?
> Example: effective family is: A, B, C, D NodeFamily (accidentally)
> is: A, B
> What is the resulting real effective family? 1) real eff. family =
> A, B, C, D or 2) 	real eff. fam1 = A, B; rea eff. fam2 = C, D;
> - Is it possible to (accidentally) create real effective families
> by using NodeFamily that are bigger than size(effective family) or 
> size(client family)? (That implies that client families have the
> power to link multiple families into one even though the client
> family only lists a subset of thouse.)
> Example: eff. family1 = A, B, C eff. family2 = B, C, D
> A and D are not in the same family, is this still true after
> setting NodeFamily: B, C or NodeFamily: A, B

Example II:
eff. family1 = X, Z
eff. family2 = W, R

Are X and R considered to be in one family after setting:
NodeFamily: W, Z


tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to