[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] T-shirts and Confirming Relay Control



Matthew Finkel schreef op 03/05/15 om 14:47:
On Sun, May 03, 2015 at 08:20:54PM +0000, Matthew Finkel wrote:
On Sun, May 03, 2015 at 12:05:49PM -0700, Aaron Hopkins wrote:
On Sun, 3 May 2015, Matthew Finkel wrote:

Assuming the path to their data dir is /var/lib/tor, we ask them to run:

Please don't get in the habit of asking relay operators through e-mail to
run complex bash command lines as root.  As a security practice, this is
terrible.  (How do you know the suggested command wasn't altered before it
reached its recipient?)

Yes, this is terrible, and I really hate the idea of asking it. I signed
all my emails for the t-shirt requests, but now we're relying on
everyone fetching my key and verifying the mail - so, that's also a bad
assumption. I don't have a good solution. This is why I'm asking.


What if we add the commands to the t-shirt[0] website? Again, this isn't
a great solution, but we already have documentation which requires
running commands with elevated privileges on there, and it's slightly
better than sending it in an email. These commands are still more
complex than I'd like, but if beside providing an executable or
verifiable shell script, I'm running low on solutions.

[0] https://www.torproject.org/getinvolved/tshirt

Thanks,
Matt

Hi Matt,

How about :

 * Primarily using ContactInfo for the verification
* If you cannot match the ContactInfo, ask people to set it on their relays * If they are unwilling/unable to do so, ask them to sign their mail address using their secret Tor key
 * Implement a --sign option for Tor 0.2.7
 * Starting a year from now, just ask everyone to sign the request

Proving ownership of a Tor relay can be relevant for more applications than just Weather, so a simple --sign option can be good to have. That doesn't address the immediate concerns though, it's more of a long-term solution.

Tom

Attachment: smime.p7s
Description: S/MIME-cryptografische ondertekening

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays