On 2018-02-11 00:43, nusenu wrote: >> Possible advantages are: >> - Relay Search would support searching for bridges by contact information. >> - People who keep a watching eye on the Tor network could reach out to >> bridge operators to inform them that they're running an outdated tor/PT >> version, or that running bridges and exits together is not cool. > > some more come to mind: > > - we could tell operators of obfs2 and obfs3 bridges that they would be much more > useful if they run obfs4 PT (increase the usefulness of current resources) > > - we could tell operators that running obfs3 and obfs4 is a bad idea > > - we could tell operator that exposing their vanilla ORPort is a bad idea Yes, those all make sense. They're sort of variants of the second bullet point above, so I think we should just combine them. I'm summarizing advantages and disadvantages that we have so far below: Possible advantages are: - Relay Search would support searching for bridges by contact information. - People who keep a watching eye on the Tor network could reach out to bridge operators to inform them that they're running an outdated tor/PT version, that running bridges and exits together is not cool, that they might better be running different PTs, or that running a PT together with another PT or with an exposed vanilla OR port might be a bad idea. - If somebody ever revives OnionTip/TorTip, bridges could participate and receive donations for running a bridge. Or t-shirts, who knows. Note that I'm not promising either here, but without contact information, neither would even be possible. - We will be able to analyze bridge shares and in particular bridge operator diversity. Possible disadvantages are: - If somebody runs a relay and a bridge, both with the same contact information, a censoring adversary might guess that the bridge might run on a nearby IP address as the relay. However, they could as well assume that for all relays and block or scan the IP space around all known relays. - Somebody might use an email address as bridge contact information that can be linked to an IP address in public sources, e.g. mailing list archives, forum postings, or whois information. If that IP address is the same or nearby a bridge IP address, then the bridge can be located quite easily. - Bridge operators might be surprised to see their contact information in a public archive. We do have a warning in the tor manual https://www.torproject.org/docs/tor-manual.html.en#ContactInfo, but maybe nobody reads the fine manual. All the best, Karsten
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays