[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: invitation to directory server operators

To: Karsten Loesing <karsten.loesing@xxxxxxx>, or-talk@xxxxxxxxxxxxx
Subject: Re: invitation to directory server operators
From: Scott Bennett <bennett@xxxxxxxxxx>
Date: Fri, 12 Sep 2008 05:02:38 -0500 (CDT)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Fri, 12 Sep 2008 06:03:11 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

     On Thu, 11 Sep 2008 22:20:01 +0200 Karsten Loesing
<karsten.loesing@xxxxxxx> wrote:
>Scott Bennett wrote:
>>      There is already a proposal in the works to make hidden services
>> directory service the default for directory servers, which would probably
>> radically increase the number of HSDir servers, providing a solution to the
>> current vulnerability.
>
>Good that you bring this up, Scott! Most of the proposal you refer to is
>implemented, but it takes a while for the code to make it into trunk.

     One of the reasons I waited as long as I did was to see whether I could
find any reason that none of the developers had posted a call for directory
server operators to enable it.  Eventually, after thinking and exploring for
quite a while, I decided that it was probably just an oversight, or perhaps
deferred to limbo because the proposal was in progress.  But if the developers
had posted a long time ago the suggestion that I posted a day or so ago, then
there would probably never have been a reason to write the proposal in the
first place.  It looks to me like time and effort expended unnecessarily that
might instead have gone toward something more important.

>This one was now assigned a higher priority. :)

     Oh.  Part of my reason for the call to service for people already
running directory servers was to *avoid* the need for such a change.  Not
all countries' laws and jurisprudences adhere to the "common carrier" concept,
as you know.  I'd much rather take care of the fragility problem through
voluntary contributions than to slide it with little fanfare into the defaults
for DirPort operations.
     You might better invest time in making the information about hidden
service directory service and how to enable it more prominent in the tor
documentation.
>
>The new default value for storing and serving v2 hidden service
>descriptors is now implemented in trunk and will be part of 0.2.1.6-alpha.

     I really wish you would just cancel that.  I think the response in only
the first day since my message has been great, and it looks like changing the
default is very quickly becoming superfluous.  Because it also represents a
possible danger to server operators who will continue to be unaware of the
option, not to mention a change to its default operation, it seems unwise to
proceed with the change to the default in the code.  Please reconsider.
     I want to thank everyone who has turned on HSDir service since I posted
my message.  There are now 17 HSDir servers listed on the torstatus page,
so we are off to a good start toward eliminating the hidden service subsystem
fragility of too few HSDir servers for safety, and my expectation is that
more will continue to appear in the near future.
>
>This does not, however, mean that it will be backported to 0.2.0.x
>anytime soon (or at all). People who run a 0.2.0.x relay still need to

     Well, that much is good, IMHO.  But eventually the stable branch will
move beyond that, potentially creating additional risk for some server
operators around the world.

>set the option manually as described by Scott:
>
>> ## The following line enables hidden service directory mirroring.
>> HidServDirectoryV2 1

     Yes, please do, those of you who haven't already.  My proposed target
currently translates to ~130 HSDir-enabled directory servers, so we need
about another 110-115 to get there.  If hidden services become more popular,
then we might someday need more than one out of every ten tor servers to
provide HSDir service for performance reasons.  But one out of ten, if well
enough distributed around the world, ought to be adequate to eliminate the
fragility problem.  And as I hinted before, the extra load on my server, even
at times when it was one of only 7 running, was trivial.  If I hadn't been
following an info-level log for other reasons, I never would have been aware
that it was doing anything more than it had been before I enabled the HSDir
service.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************

Follow-Ups:
- Re: invitation to directory server operators
  - From: John Brooks

Prev by Author: Re: quick question
Next by Author: Re: invitation to directory server operators
Previous by thread: Re: invitation to directory server operators
Next by thread: Re: invitation to directory server operators
Index(es):
- Author
- Thread