Hello All!
I've put a small set of people in CC that are involved in this change for now so we can make good progress forward! (and not stall)
We are soon (some low values of "soon" hopefully) to reject all non supported relays, by tor version, from the network:
https://trac.torproject.org/projects/tor/ticket/31549
At this very point in time, this represents in total ~12.72% of the total bandwidth weight thus roughly 1/8th of the network will be removed (in terms of bandwidth capability).
In terms of "relay volume", this change will remove about ~1/7th of the total network or 923/6349.
Roger already emailed hundred(s?) of operators to ask them to upgrade and many have responded but as you can see, the total bandwidth weight has barely moved :S.
Our nusenu volunteer also made it public on tor-relays@ mailing list:
https://lists.torproject.org/pipermail/tor-relays/2019-September/017711.html
So let say for a journalist, or our millions of users, this will mean a "considerable" drop in the Metrics graph of total number of relays. Fortunately, we can explain it :). So lets be pro-active!
I _strongly_ think we should do a blog post at minimum to tell the world what is about to happen and not silently do this. It should have a clear, simple, easy section of "If you run a relay, please upgrade by doing so ...".
Hopefully, with a bigger microphone, we'll be able to drop the 12.72% to something much more acceptable.
We have _good_ reasons to do it so this is not a public debate but rather an informative post.
I'm voluntering to help draft this but since I'm not a native English speaker, I will need help.
@stephw: What do you think here? Advice on how to proceed?
Thanks! David
On Mon, Sep 09, 2019 at 03:43:37PM -0400, David Goulet wrote:
I _strongly_ think we should do a blog post at minimum
Agreed.
Most of these relay operators aren't easy to reach anymore. Maybe they watched our blog some years ago, but the blog has shifted in focus so I am less sanguine that we'll reach many of them still. But we need to try.
And the other lesson is that once we have the old obsolete versions out of the way, we should start the outreach for people running Tor 0.4.0 now, and follow it up soon after for people running 0.3.5, so we have reached them and they know we care about them and then we're more likely to be able to reach them again when we need to.
--Roger
Hi!
David Goulet:
Hello All!
I've put a small set of people in CC that are involved in this change for now so we can make good progress forward! (and not stall)
We are soon (some low values of "soon" hopefully) to reject all non supported relays, by tor version, from the network:
https://trac.torproject.org/projects/tor/ticket/31549
At this very point in time, this represents in total ~12.72% of the total bandwidth weight thus roughly 1/8th of the network will be removed (in terms of bandwidth capability).
In terms of "relay volume", this change will remove about ~1/7th of the total network or 923/6349.
Roger already emailed hundred(s?) of operators to ask them to upgrade and many have responded but as you can see, the total bandwidth weight has barely moved :S.
Our nusenu volunteer also made it public on tor-relays@ mailing list:
https://lists.torproject.org/pipermail/tor-relays/2019-September/017711.html
So let say for a journalist, or our millions of users, this will mean a "considerable" drop in the Metrics graph of total number of relays. Fortunately, we can explain it :). So lets be pro-active!
I _strongly_ think we should do a blog post at minimum to tell the world what is about to happen and not silently do this. It should have a clear, simple, easy section of "If you run a relay, please upgrade by doing so ...".
Hopefully, with a bigger microphone, we'll be able to drop the 12.72% to something much more acceptable.
We have _good_ reasons to do it so this is not a public debate but rather an informative post.
I'm voluntering to help draft this but since I'm not a native English speaker, I will need help.
@stephw: What do you think here? Advice on how to proceed?
We should definitely have a blog post and share on all of our channels + reddit.
I think we should choose a date that this will happen and stick to it. This way people will take it seriously and we can campaign more effectively. We should probably give at least a month from when we publish the rejection date. T
We can also take this opportunity to promote setting up new relays.
Next up very soon on my plate is a push for getting companies to set up more relays, so these campaigns could coincide depending on when you want to go through with it.
I started a campaign brief we can keep filling out after more decisions are made: https://docs.google.com/document/d/1JnE0tIrGVGlGabD6bAv5zjvbwHY3wjLTCOItWoXr...
Happy to help edit the post!
-Steph
Thanks! David
On 09 Sep (16:19:28), Stephanie A. Whited wrote:
Hi!
David Goulet:
Hello All!
I've put a small set of people in CC that are involved in this change for now so we can make good progress forward! (and not stall)
We are soon (some low values of "soon" hopefully) to reject all non supported relays, by tor version, from the network:
https://trac.torproject.org/projects/tor/ticket/31549
At this very point in time, this represents in total ~12.72% of the total bandwidth weight thus roughly 1/8th of the network will be removed (in terms of bandwidth capability).
In terms of "relay volume", this change will remove about ~1/7th of the total network or 923/6349.
Roger already emailed hundred(s?) of operators to ask them to upgrade and many have responded but as you can see, the total bandwidth weight has barely moved :S.
Our nusenu volunteer also made it public on tor-relays@ mailing list:
https://lists.torproject.org/pipermail/tor-relays/2019-September/017711.html
So let say for a journalist, or our millions of users, this will mean a "considerable" drop in the Metrics graph of total number of relays. Fortunately, we can explain it :). So lets be pro-active!
I _strongly_ think we should do a blog post at minimum to tell the world what is about to happen and not silently do this. It should have a clear, simple, easy section of "If you run a relay, please upgrade by doing so ...".
Hopefully, with a bigger microphone, we'll be able to drop the 12.72% to something much more acceptable.
We have _good_ reasons to do it so this is not a public debate but rather an informative post.
I'm voluntering to help draft this but since I'm not a native English speaker, I will need help.
@stephw: What do you think here? Advice on how to proceed?
We should definitely have a blog post and share on all of our channels + reddit.
I think we should choose a date that this will happen and stick to it. This way people will take it seriously and we can campaign more effectively. We should probably give at least a month from when we publish the rejection date. T
There is a challenge here since these reject can only happen with the release of a new "tor" since directory authorities (majority of them) will need to switch to that release.
And as you know, tor releases are ... chaotic maybe for lack of a better word? As in not much "scheduled in stone as we would like to".
Once we have the blog post and everything ready for social media, we can surely coordinate with Nick on a date +/- some low values of days.
We can also take this opportunity to promote setting up new relays.
Next up very soon on my plate is a push for getting companies to set up more relays, so these campaigns could coincide depending on when you want to go through with it.
I started a campaign brief we can keep filling out after more decisions are made: https://docs.google.com/document/d/1JnE0tIrGVGlGabD6bAv5zjvbwHY3wjLTCOItWoXr...
Happy to help edit the post!
Thanks! I'll try to get to the draft this week before I leave for 2 weeks on vacation! lol
Cheers! David
On 09 Sep (16:19:28), Stephanie A. Whited wrote:
(Adding Mike in CC since this touches something he cares about.)
I've done a draft here so lets start haxing it:
https://pad.riseup.net/p/rZ2AWu66KJKJw1gAxkrw-keep
I decided to go the "More Agile Network" avenue instead of just providing a public announcement of "we are removing all EOL relays. Okthxbye".
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
As I said before, my English is not to the quality of a proper blog post so please have at it.
Cheers! David
Some reasons, my CC list is messed up... Fixin that hopefully!
On 10 Sep (11:14:40), David Goulet wrote:
On 09 Sep (16:19:28), Stephanie A. Whited wrote:
(Adding Mike in CC since this touches something he cares about.)
I've done a draft here so lets start haxing it:
https://pad.riseup.net/p/rZ2AWu66KJKJw1gAxkrw-keep
I decided to go the "More Agile Network" avenue instead of just providing a public announcement of "we are removing all EOL relays. Okthxbye".
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
As I said before, my English is not to the quality of a proper blog post so please have at it.
Cheers! David
-- Z3U4wetHd0/q7CcvN/IW5QWv7raWtAFYa6vfb9fh0gQ=
network-health mailing list network-health@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/network-health
Hi,
On 11 Sep 2019, at 01:14, David Goulet dgoulet@torproject.org wrote:
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
Should we get Nick to check this? He wants a strong commitment to our current LTS schedule.
T
On Tue, Sep 10, 2019 at 7:26 PM teor teor@riseup.net wrote:
Hi,
On 11 Sep 2019, at 01:14, David Goulet dgoulet@torproject.org wrote:
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
Should we get Nick to check this? He wants a strong commitment to our current LTS schedule.
We talked about this a bit on #tor-dev earlier: I think that the decision was that on this post, we're only going to focus on EOL issues, including the upcoming EOL of 0.2.9 in January 2020.
I think there was possibly a second decision that we should figure out what we want our LTS policy to be like before we start declaring to the world that we're changing it. :)
peace,
On Wed, Sep 11, 2019 at 09:26:26AM +1000, teor wrote:
Hi,
On 11 Sep 2019, at 01:14, David Goulet dgoulet@torproject.org wrote:
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
Should we get Nick to check this? He wants a strong commitment to our current LTS schedule.
T
Hi,
I made a small update to point relay operators to Debian repository instructions: https://support.torproject.org/apt
I read the blog post and the only suggestion that I have is to change the order of the paragraphs. The information about what's going to happen and how to take action should be in the first paragraphs. I don't want users in panic, but if people will read one paragraph before jumping to other website, which information they must be aware of?
Thanks for the blog post! It's pretty good! :)
cheers, Gus
On 30 Sep (14:56:26), gus wrote:
On Wed, Sep 11, 2019 at 09:26:26AM +1000, teor wrote:
Hi,
On 11 Sep 2019, at 01:14, David Goulet dgoulet@torproject.org wrote:
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
Should we get Nick to check this? He wants a strong commitment to our current LTS schedule.
T
Hi,
I made a small update to point relay operators to Debian repository instructions: https://support.torproject.org/apt
I read the blog post and the only suggestion that I have is to change the order of the paragraphs. The information about what's going to happen and how to take action should be in the first paragraphs. I don't want users in panic, but if people will read one paragraph before jumping to other website, which information they must be aware of?
Thanks for the blog post! It's pretty good! :)
Thanks Gus!!!
So heads up everyone: I've just came back today from vacation so I haven't had time to revisit the post.
But one consensus before I left was to NOT talk about the LTS part until we actually have a policy in place.
So I plan to make the edit this week to remove that and just talk about the removal. I'll then ask for a re-review on this list.
It is unclear at this point in time when the actual relay rejection will happen but regardless we should publish the blog post asap so to give as much time as possible to the public out there to upgrade their relays.
Cheers! David
On 30 Sep (16:31:21), David Goulet wrote:
On 30 Sep (14:56:26), gus wrote:
On Wed, Sep 11, 2019 at 09:26:26AM +1000, teor wrote:
Hi,
On 11 Sep 2019, at 01:14, David Goulet dgoulet@torproject.org wrote:
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
Should we get Nick to check this? He wants a strong commitment to our current LTS schedule.
T
Hi,
I made a small update to point relay operators to Debian repository instructions: https://support.torproject.org/apt
I read the blog post and the only suggestion that I have is to change the order of the paragraphs. The information about what's going to happen and how to take action should be in the first paragraphs. I don't want users in panic, but if people will read one paragraph before jumping to other website, which information they must be aware of?
Thanks for the blog post! It's pretty good! :)
Thanks Gus!!!
So heads up everyone: I've just came back today from vacation so I haven't had time to revisit the post.
There it is: https://pad.riseup.net/p/rZ2AWu66KJKJw1gAxkrw-keep
I'm asking you all for a _very_ quick review of this. Please directly do any corrections onto the pad.
The timeline for this as speed up quite a bit due to the now rejection strategy as stated in the post. This is mainly motivated now because of a possible large scale attacker that was found on the network some days ago for which the relays are all in the EOL relay set. (Two stones at once).
I'm still unsure of the timeline that is the *when* we'll push the reject rules to the dirauth since I'm still discussing things with them on the dirauth list.
But I expect in the coming days starting tomorrow.
The network team security list has been informed of this with more details. Most of active bad relay team people as well. And finally the dirauth community. Steph is also in the loop for this post. I will inform Isabela after I send this email as well.
(Syncing everyone is not easy!)
And IMO we _have_ to release this post roughly at the same time as we are rolling out the reject rules to the dirauth so we don't give a chance of the attacker to upgrade to a stable release too quickly.
Thanks everyone! David
Hi,
I did a quick review and a copyedit for sentence length and confusing phrasing.
T
-- teor ----------------------------------------------------------------------
On 3 Oct 2019, at 05:50, David Goulet dgoulet@torproject.org wrote:
Signed PGP part On 30 Sep (16:31:21), David Goulet wrote:
On 30 Sep (14:56:26), gus wrote:
On Wed, Sep 11, 2019 at 09:26:26AM +1000, teor wrote:
Hi,
On 11 Sep 2019, at 01:14, David Goulet dgoulet@torproject.org wrote:
There are things in there that might be _very_ dicy or even controversial for some in TPO. Especially around the "fadding out LTS support for relays".
My approach here was to list some things for which having an LTS policy and EOL relays in the network is actually hurting us. And then the conclusion of removing EOL relays + new upcoming relay policy.
Should we get Nick to check this? He wants a strong commitment to our current LTS schedule.
T
Hi,
I made a small update to point relay operators to Debian repository instructions: https://support.torproject.org/apt
I read the blog post and the only suggestion that I have is to change the order of the paragraphs. The information about what's going to happen and how to take action should be in the first paragraphs. I don't want users in panic, but if people will read one paragraph before jumping to other website, which information they must be aware of?
Thanks for the blog post! It's pretty good! :)
Thanks Gus!!!
So heads up everyone: I've just came back today from vacation so I haven't had time to revisit the post.
There it is: https://pad.riseup.net/p/rZ2AWu66KJKJw1gAxkrw-keep
I'm asking you all for a _very_ quick review of this. Please directly do any corrections onto the pad.
The timeline for this as speed up quite a bit due to the now rejection strategy as stated in the post. This is mainly motivated now because of a possible large scale attacker that was found on the network some days ago for which the relays are all in the EOL relay set. (Two stones at once).
I'm still unsure of the timeline that is the *when* we'll push the reject rules to the dirauth since I'm still discussing things with them on the dirauth list.
But I expect in the coming days starting tomorrow.
The network team security list has been informed of this with more details. Most of active bad relay team people as well. And finally the dirauth community. Steph is also in the loop for this post. I will inform Isabela after I send this email as well.
(Syncing everyone is not easy!)
And IMO we _have_ to release this post roughly at the same time as we are rolling out the reject rules to the dirauth so we don't give a chance of the attacker to upgrade to a stable release too quickly.
Thanks everyone! David
-- t9JRb9sByD7tnqJuvCEeVZHLk5euodS338Tfz3li0Jc=
network-health@lists.torproject.org