[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #5565 [Tor Relay]: MyFamily should provide an alternate non-idhex subscription mechanism
#5565: MyFamily should provide an alternate non-idhex subscription mechanism
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor Relay | Version:
Keywords: | Parent: #5563
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Everybody hates MyFamily. It's cumbersome, hard to update, hard to spot
check that it's correct, and it gets in the way of vastly improving the
practical security of the network through ephemeral identity keys (#5563).
So first off, what is wrong with making this PoS an arbitrary token
("OurFamily" anyone?) If weirdos start joining families that people don't
want them to, can't we just de-list those nodes?
If we really can't handle the risk of people joining arbitrary families
for any period of time, we could deploy a signature scheme where a node
has to sign its IP+OrPort, current idhex, and/or nickname using a family
key and place that signature into its MyFamily field.
We could even make this an incrementally deployable solution. We could
first make the new field free-form, and then later update it to require
authentication with a family key.
But my guess is this is not worth significant engineering, and we should
just make it a free-form token and de-list nodes who try to adopt
themselves into random families without consent.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5565>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs