Tor Relays wrote:
David Goulet: However, I'm not sure we should always let 1 authority dictate that flag regardless of what the others think. I think we need to enforce majority here and not have one single authority dictate it. Thoughts? +1 I can compromise one authority and can MiddleOnly the whole Tor network.
+1of course we should not allow just 1 Directory Authority to have this power. This would undermine the security model of the consensus we have in Tor -- that is why we have more Directory Authorities controlled by different people in different jurisdictions / parts of the world so it's hard for an attacker to compromise all at once. We know and agree it's simple and cheap (even free if it's a LEA with a subpoena) to compromise one directory authority but much harder to compromise 50% + 1.
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev