On 30 Sep (16:31:21), David Goulet wrote:
On 30 Sep (14:56:26), gus wrote:
On Wed, Sep 11, 2019 at 09:26:26AM +1000, teor wrote:
Hi,
On 11 Sep 2019, at 01:14, David Goulet dgoulet@torproject.org wrote:
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
Should we get Nick to check this? He wants a strong commitment to our current LTS schedule.
T
Hi,
I made a small update to point relay operators to Debian repository instructions: https://support.torproject.org/apt
I read the blog post and the only suggestion that I have is to change the order of the paragraphs. The information about what's going to happen and how to take action should be in the first paragraphs. I don't want users in panic, but if people will read one paragraph before jumping to other website, which information they must be aware of?
Thanks for the blog post! It's pretty good! :)
Thanks Gus!!!
So heads up everyone: I've just came back today from vacation so I haven't had time to revisit the post.
There it is: https://pad.riseup.net/p/rZ2AWu66KJKJw1gAxkrw-keep
I'm asking you all for a _very_ quick review of this. Please directly do any corrections onto the pad.
The timeline for this as speed up quite a bit due to the now rejection strategy as stated in the post. This is mainly motivated now because of a possible large scale attacker that was found on the network some days ago for which the relays are all in the EOL relay set. (Two stones at once).
I'm still unsure of the timeline that is the *when* we'll push the reject rules to the dirauth since I'm still discussing things with them on the dirauth list.
But I expect in the coming days starting tomorrow.
The network team security list has been informed of this with more details. Most of active bad relay team people as well. And finally the dirauth community. Steph is also in the loop for this post. I will inform Isabela after I send this email as well.
(Syncing everyone is not easy!)
And IMO we _have_ to release this post roughly at the same time as we are rolling out the reject rules to the dirauth so we don't give a chance of the attacker to upgrade to a stable release too quickly.
Thanks everyone! David