-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
AVee,
Would it not be possible for me to specify the ExitNode in my torrc and then do the wget to prove my "ownership"? I haven't tried to specify a single node before so I'm not sure if it'd work.
Thanks, Tim
On 5 May 2015 at 17:58, AVee d6relay@d6.nl wrote:
On 2015-05-03 19:44, Matthew Finkel wrote:
Hi Ops,
[...]
For this case, we need an authentication mechanism which proves control of the relay but is something relay operators won't mind running.
My currently plan is to ask relay operators to sign the fingerprint file which tor creates. The major disadvantage of this method is that it must be run as root (or a user with access to tor's data directory).
If you are willing to lower the bar for 'proof' a bit I'd ask them to fetch a confirmation url send to them from the connection their node runs on. Spoofing an IP address for a TCP connection isn't trivial and seems rather a lot of effort for just a t-shirt. So it at least proofs access to the connection the node is running on. That could be a simple unprivileged wget one-liner.
It leaves room for some abuse, but does raise the bar quite a bit.
If you do want to use the tor key couldn't you use it as a key for ssl client authentication? That would allow for further automation and you could be build into tor in the future.
AVee
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays