2018-03-03 10:27 GMT+00:00 Moritz Bartl <
moritz@xxxxxxxxxxxxxx>:
>
> On 03.03.2018 07:11, Roger Dingledine wrote:
> > Apparently the link from my blog post, to
> >
https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines> > no longer has any mention pro or con disk encryption. I wonder if that
> > was intentionally removed by the
torservers.net folks (maybe they have
> > even changed their mind on the advice?), or if it just fell out because
> > it's a wiki.
>
> I added the recommendation for "no disk encryption" back then, and it
> wasn't me who removed it.
>
> My own opinion has changed slightly: My general advice would still be to
> not do disk encryption, to reduce the amount of hassle and allow easier
> 'audits'. For additional protection, you better move the relay keys to a
> RAM disk.
>
> However, in our case, we don't really care how long they keep the
> machines for analysis, and we do not reuse hardware that was seized (it
> goes back into the provider pool, so some other customer might be in for
> a surprise...). In that case, a relay operator may decide to use disk
> encryption for integrity reasons: They at least have to ask you for the
> decryption key and cannot silently copy content or easily manipulate the
> file system.
>
> --
> Moritz Bartl
>
https://www.torservers.net/cool. thank you all for your words+thoughts+considerations.
very appreciated!
--
Vinícius Zavam
keybase.io/egypcio/key.asc