[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Publishing bridge contact information



On 2018-02-11 00:43, nusenu wrote:
>> Possible advantages are:
>>  - Relay Search would support searching for bridges by contact information.
>>  - People who keep a watching eye on the Tor network could reach out to
>> bridge operators to inform them that they're running an outdated tor/PT
>> version, or that running bridges and exits together is not cool.
> 
> some more come to mind:
> 
> - we could tell operators of obfs2 and obfs3 bridges that they would be much more
> useful if they run obfs4 PT (increase the usefulness of current resources)
> 
> - we could tell operators that running obfs3 and obfs4 is a bad idea
> 
> - we could tell operator that exposing their vanilla ORPort is a bad idea

Yes, those all make sense. They're sort of variants of the second bullet
point above, so I think we should just combine them.

I'm summarizing advantages and disadvantages that we have so far below:

Possible advantages are:
 - Relay Search would support searching for bridges by contact information.
 - People who keep a watching eye on the Tor network could reach out to
bridge operators to inform them that they're running an outdated tor/PT
version, that running bridges and exits together is not cool, that they
might better be running different PTs, or that running a PT together
with another PT or with an exposed vanilla OR port might be a bad idea.
 - If somebody ever revives OnionTip/TorTip, bridges could participate
and receive donations for running a bridge. Or t-shirts, who knows. Note
that I'm not promising either here, but without contact information,
neither would even be possible.
 - We will be able to analyze bridge shares and in particular bridge
operator diversity.

Possible disadvantages are:
 - If somebody runs a relay and a bridge, both with the same contact
information, a censoring adversary might guess that the bridge might run
on a nearby IP address as the relay. However, they could as well assume
that for all relays and block or scan the IP space around all known relays.
 - Somebody might use an email address as bridge contact information
that can be linked to an IP address in public sources, e.g. mailing list
archives, forum postings, or whois information. If that IP address is
the same or nearby a bridge IP address, then the bridge can be located
quite easily.
 - Bridge operators might be surprised to see their contact information
in a public archive. We do have a warning in the tor manual
https://www.torproject.org/docs/tor-manual.html.en#ContactInfo, but
maybe nobody reads the fine manual.

All the best,
Karsten

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays