<html><head></head><body><div class="ydp99a03a59yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div><div>Dave,</div></div><div><br></div><div>After corresponding with Neel and reviewing I2P's obfuscating techniques, in more detail, it does appear that I2P is blockchaining the fingerprint-to-host database to all garlic routers. What is not clear is whether said database is encrypted and secured from operators and only accessable by the garlic routers themselves?</div><div><br></div><div>My thoughts are... What if the Tor Network distributed encrypted fingerprint-to-host databases to browsers/bridges/relays during the bootstrap process, with Directory Authorities, that operators did not have access? Such a process could be further segmented, so only a fraction of the browser/bridge/relay population would have a portion of the fingerprint-to-host database at any given time.</div><div><br></div><div><span>While you are correct in surmising that such obfuscation techniques still wouldn't prevent organizations, with adequate resources, from eventually discovering browser/bridge/relay addresses, over the wire, it might slow their blacklisting/censorship efforts and </span><span>provide browsers/bridges/relays with a longer shelf-life.</span></div><div><span><br></span></div><div><span>T</span><span>hese thoughts are predicated on the Tor Network satisfying questions of security vs usability and opportunity vs cost.</span></div><div><span><br></span></div><div><span>I hope this sheds some light on my previous comment.</span></div><div><span><br></span></div><div><span>Respectfully,</span></div><div><span><br></span></div><div><span><br></span></div><div><span>Gary</span></div><div><br></div><div><span>"It seems to be an inherent obstacle in design attempting to anonymize a sub-network within an established known super-network." –Gary C. New</span><br></div>
<div><br></div><div><br></div>
<div id="ydp99a03a59yahoo_quoted_1620591289" class="ydp99a03a59yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;">
<div>
On Monday, December 27, 2021, 7:03:34 AM MST, Dave Warren <dw@thedave.ca> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div dir="ltr">On 2021-12-22 23:42, Gary C. New via tor-relays wrote:<br clear="none">> I know it might be a fundamental change to the Tor network, but would it <br clear="none">> be possible to obfuscate the Tor bridge/relay addresses with their <br clear="none">> respective fingerprints; similar, to the I2P network? I've often thought <br clear="none">> that this aspect of the I2P network is one that is implemented well. <br clear="none">> Perhaps Directory Authorities could preform fingerprint to address <br clear="none">> resolution? I think it would be extremely beneficial if neither bridge <br clear="none">> or relay addresses were published in the wild. It would make great <br clear="none">> strides in further buffering the Tor network from various <br clear="none">> black-listing/censorship techniques.<br clear="none"><br clear="none">I guess I'm not sure how this would work, for me as a user, when I <br clear="none">launch tor browser? How do I obtain a bridge or an initial relay?<br clear="none"><br clear="none">And as a trivially simple example, what stops an organization with <br clear="none">government level resources from offering $10-$100 (in appropriate <br clear="none">currency) to any citizen that adds a newly discovered bridge to their list?<div class="ydp99a03a59yqt0961488614" id="ydp99a03a59yqtfd70878"><br clear="none"><br clear="none">_______________________________________________<br clear="none">tor-relays mailing list<br clear="none"><a shape="rect" href="mailto:tor-relays@lists.torproject.org" rel="nofollow" target="_blank">tor-relays@lists.torproject.org</a><br clear="none"><a shape="rect" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="nofollow" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br clear="none"></div></div></div>
</div>
</div></div></body></html>