[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal 334: A flag to mark Relays as middle-only

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Proposal 334: A flag to mark Relays as middle-only
From: s7r <s7r@xxxxxxxxxx>
Date: Thu, 16 Sep 2021 15:52:29 +0300
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 16 Sep 2021 08:52:52 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sky-ip.org; s=20110108; t=1631796754; bh=4jnoF+JkV+TfcqNoUsTf49cXABg5gujOZOqQE7r33Hs=; h=Subject:To:References:From:Date:In-Reply-To; b=WtmT0e8Q2rtIAVUSOqY6UreenlKh5zX7tiNFxMPg3zhCZO6bgDbQEIXTPVUAzkIJP zH/XZOHn9SyMx4rJWB1B6QVzj48BFwGgIKD166LnaxTbQJvdUddPdf6iN1d1hJm/hI wX15z3i/tx13uXIfcZpGzE0SNfSzfxaroOSG8Fl0=
In-reply-to: <CAHTJAwEzzZVKwacdPFXf-=kJ4RgQryn1ZyEkvXg6qj2MDo+XHw@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CAHTJAwEzzZVKwacdPFXf-=kJ4RgQryn1ZyEkvXg6qj2MDo+XHw@mail.gmail.com>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0

Tor Relays wrote:

David Goulet:

    However, I'm not sure we should always let 1 authority dictate that flag
    regardless of what the others think.

    I think we need to enforce majority here and not have one
    single authority dictate it.

    Thoughts?


+1

I can compromise one authority and can MiddleOnly the whole Tor network.

+1

of course we should not allow just 1 Directory Authority to have thispower. This would undermine the security model of the consensus we havein Tor -- that is why we have more Directory Authorities controlled bydifferent people in different jurisdictions / parts of the world so it'shard for an attacker to compromise all at once. We know and agree it'ssimple and cheap (even free if it's a LEA with a subpoena) to compromiseone directory authority but much harder to compromise 50% + 1.

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Proposal 334: A flag to mark Relays as middle-only
  - From: Tor Relays

Prev by Author: Re: [tor-dev] Proposal 334: A flag to mark Relays as middle-only
Next by Author: Re: [tor-dev] Proposal 334: A flag to mark Relays as middle-only
Previous by thread: [tor-dev] Proposal 334: A flag to mark Relays as middle-only
Next by thread: [tor-dev] Arti report 5: August 18 through September 15
Index(es):
- Author
- Thread