On Wed, Aug 03, 2016 at 09:54:38AM +0000, isis agora lovecruft wrote:
> Hello all,
> Today, I am very excite to take a field trip (!!) to a datacenter (!!!) with some most excellent folks from Greenhost (DrWhax and Sacha!!!). We will be racking a server and installing an OS on it, and getting it ready to be a new Bridge Authority to replace Tonga.
> Earlier this week, David Goulet and I got a Bridge Authority up and running in a test network, so perhaps a logical step will be to put the new Bridge Auth into the test network and ensure that it's at least cursorily behaving.
Subject to the desire to avoid releasing security-sensitive info that an attacker could use to compromise that authority, it'd be good to have a public writeup of how the server is set up, and what security precautions have been taken to prevent its compromise, including software and hardware security.
I think this would have a lot of value both for Tor project transparency, as well as educational value for the wider community. In the Bitcoin community I'm a part of, failures in operating sufficiently secure trusted servers have caused a number of disasters - and are an ongoing risk - so I'd love to be able to point people to the Tor project as an example of good practices.
Equally, in the Bitcoin community some companies are gradually getting better at this - Blockstream as an example will need to set up a number of trusted servers for its Liquid sidechain technology - and I'm sure at least some of those companies would also be willing to make public how they've tackled the challenge of setting up trusted servers.