Re: [tor-dev] Guardiness: Yet another external dirauth script

[Tim <t_ebay@xxxxxxxxxx>]

On 17 Sep 2014, at 22:00 , George Kadianakis <desnacked@xxxxxxxxxx> wrote:

Sebastian Hahn <sebastian@xxxxxxxxxxxxxx> writes:

On 16 Sep 2014, at 16:15, George Kadianakis <desnacked@xxxxxxxxxx> wrote:

====How the guardiness script will be deployed====

The idea is that dirauths will add another script to their crontab
that is called every hour (before or after the bwauth scripts).

Only 4/9 have such scripts, if at all - it is possible to run a
bwauth on a different host, and scp the file over. I don't know
if any of the dirauth ops actually do this currently.

This should also be possible with the guardiness stuff, as long as you
can arrange fresh consensuses to arrive on the second host.

tor supports consensus downloads without being a router, but it's a bit of a hack:

A tor instance configured with a DirPort and no ORPort will act as a directory cache only.

Directory caches regularly download the latest consensuses.

It's worth binding the DirPort to localhost only, and marking it NoAdvertise.

This hides the cache from the consensus, and disables remote requests.

However, the cache will also download router descriptors unnecessarily.

(Microdescriptors and extra info can be turned off, but I'm not sure if router descriptors can.)

T

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev