[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #13727 [BridgeDB]: BridgeDB should not distribute Tor Browser's default bridges
#13727: BridgeDB should not distribute Tor Browser's default bridges
--------------------------+----------------------------------------
Reporter: isis | Owner: isis
Type: defect | Status: needs_information
Priority: normal | Milestone:
Component: BridgeDB | Version:
Resolution: | Keywords: bridgedb-dist, tbb-bridges
Actual Points: | Parent ID:
Points: |
--------------------------+----------------------------------------
Changes (by isis):
* status: new => needs_information
Comment:
The technical implementation of this could be as simple/kludgey as
creating a list of fingerprints of all bridges which have ever been TB-
default bridges, and, should BridgeDB come across one of these
fingerprints either while parsing or distributing, skip it.
The nicer, but more difficult, way to do this seems to be to implement
something like #4026 and create a `torbrowser` bridge pool in BridgeDB
which is never distributed, or a little-t tor modification to add a
`BridgeDistribution [https|email|tbdefault|any|none]` line to server-
descriptors as described in #13504:
Replying to [ticket:13504 isis]:
> [â]
>
> Additionally, if bridge operators wish to give us metrics but are firmly
against their bridges being distributed by BridgeDB, I can either:
>
> 1. Create a `torbrowser` bridge pool in BridgeDB, which is never
distributed.
>
> This would only be a short-term doesn't-require-little-t-tor-
patches hack. I don't really want to do this. However, if the bridge
operators for Tor Browser bundle bridges ''really'' don't want to be
distributed by BridgeDB, I am willing to do it.
>
> 2. Add a torrc option, `BridgeDistribution [https|email|any|none]`,
[https://lists.torproject.org/pipermail/tor-dev/2014-October/007614.html
as described on the mailing list] and BridgeDB patches to disable
distribution for bridges whose descriptors say `BridgeDistribution none`.
>
> This would allow bridge operators to provide metrics without being
publicly distributed by BridgeDB, and would likely only effect bridges
running tor-0.2.6.x.
>
> The default would be `BridgeDistribution any`, which would allow
BridgeDB to choose how your bridge is distributed.
>
> Using `BridgeDistribution [https|email]` would allow a bridge
operator to override BridgeDB's decision.
>
> Using `BridgeDistribution none` would instruct BridgeDB to either
toss out your bridge's descriptor rather than putting them into the
databases (or adding them to the `'unallocated'` pool, depending on how we
wish to implement this).
>
So, now we should probably decide which of these options (or others that
someone else comes up with) that we want to do.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13727#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs