[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Questions about Directory Authority Servers

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Questions about Directory Authority Servers
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Mon, 15 Oct 2018 19:48:42 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 15 Oct 2018 19:48:56 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=t78DXImT8GfJ69yuaHVl2dIFpo5Yku4JawSKi7C4qJI=; b=hwfNRs+i+6z/ckjYIllOjsVWzTRG++vRcbzs8SrKqbDzDvOp5pE13GzOfEkgYBBgs1 jNVzwjGhUWL20OJAcUhgYdXUCiwkzIUe0xpc4SS7U6X3On1DQGG7jvx5FQJMVIIvQMt9 u3SAzhjsvZI0gAYCx0eLXtrRXBDkTFJzLS4M/FUcUmYTiw/6l29QYGNAurDIge/l7as/ PEIQQcAcpYwNgByhZbkpku323aEmj+DaRlualv+x+lBkTbkecW2sqqBTYQFaCjDWH3i6 s1XJhwcOMu2gKFyPgfyZlg9ud6f3dY6fwxtWWyrHldh9aO77SqRR79vjphAUmXWD/qkZ vH2g==
In-reply-to: <ufj8CMJYq27RjrNFBgr2yea7HuYak3fH6pNEBGzIWW3qI-NjQcrIKkyPTvzwbQf8NWPsdxnm7d9QhILAwGajL7fRs8bX8DckSSGLqj5xvPU=@protonmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <ufj8CMJYq27RjrNFBgr2yea7HuYak3fH6pNEBGzIWW3qI-NjQcrIKkyPTvzwbQf8NWPsdxnm7d9QhILAwGajL7fRs8bX8DckSSGLqj5xvPU=@protonmail.com>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On 10/15/18, panoramix.druida <panoramix.druida@xxxxxxxxxxxxxx> wrote:
> Hi,
> From my understanding when a Tor proxy is started it downloads a list of
> relays from one of the ten  Directory Authority Servers listed here:
> https://metrics.torproject.org/rs.html#search/flag:authority
>
> Am I right?

There's a second helper layer to the DA's known as fallback servers.
However the DA's are still the root gatekeepers of the live network.
And the DA's are also subject to higher layers that reside outside
the live network...

> If so who run these servers and how the people running them are chosen? I
> would like to know a bit on the governance on how this authority servers are
> chosen.

Assuming more of analysis than operation question...

Observatories appear to show the servers as being
distributed around the world in various jurisdictions.
They're run by whoever they appear to be run by.
Both have a variety of potential attacks.

The "how chosen / removed" part is informal but
does have some written guidlines in torspec repo.
The existance of DA design function under humans
vs say distributed DHT, blockchain, AI, users clients,
whatever... is thought to have certan strengths.

Ultimately the fingerprints and IP's of the DA's are hardcoded
and commited into the source code, which exists in repositories
controlled by The Tor Project Inc, a corporation headquartered
in, and on the books of, the United States of America, ran on
continuum from open to closed fashion in various areas of
governance, participation, etc. There's a lot more that goes into
that. All of which various parts of the overall community
(corp, dev, users, operators, funders, etc) also hold various
opinions on (re DA's), no different than any other project.

In overall re: design / subject of DA's... it's thought by most
around Tor, a reasonably sound and working model, resistant
to at least casual attack en masse, at least so far as any
attack is publicly known to have occurred.

Also keep in mind that design of Tor / DA is roughly 20 years
old, thus having elements of both wisdom and legacy.

> What could go wrong if one or more of these servers are compromise?

Worst case?
Full discovery of end to end physical locations,
with concurrent compromise of traffic content.
General network disruption including complete shutdown.

Technical talk has been made over the years on if / should,
and how, the DA's might be eliminated from the design.

If the DA system is thought to be weak to various threats and
attack models, or there's preference for a fully independant,
distributed, and autonomous live network... people might
want to review some of those talks, or draft design changes,
or new overlay networks, or implement ones that are
still in whitepaper form [waiting for a dev team].

The Anonbib is one good source for research reading, as
are the materials and communities of other overlay networks.

Note also that most things "who, where, threat models"
regarding the DA's also apply to all the relays. And
there is not necessarily any PKI WoT, comms, or in person
relations between any given whole or subset[s] of them.
Perhaps there should be, or not, or in part, and why / how...

And that such subject questions, and their many fine and
possible answers surely both here and before from many folks,
are not unique to Tor... all the open overlay networks exhibit
at least some similar elements.

The code and networks are still active so... ignoring unknown
conspirators, malactors, Sybils, GPA / GAA, [quantum]
cryptanalysis, parallel constructions, etc... perhaps things
in the space are thought good enough. Or not.

One should never rest, because your adversaries will not.

It's a big space, there's always room for new ideas,
[better] solutions to old, hard, and new threats,
incorporating new tools and strategies that didn't
exist before, etc.

Have fun :)
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Questions about Directory Authority Servers
  - From: panoramix.druida

Prev by Author: Re: [tor-talk] Does Facebook .onion work?
Next by Author: [tor-talk] Onionland: Bittorrent, VoIP, Gaming, P2P, Biz, Mosh, IRC, Mail, News, Social, Apps... and UDP IPv6 OnionCat
Previous by thread: Re: [tor-talk] Questions about Directory Authority Servers
Next by thread: [tor-talk] Does Facebook .onion work?
Index(es):
- Author
- Thread