On 2015-05-03 19:44, Matthew Finkel wrote:
Hi Ops,
[...]
For this case, we need an authentication mechanism which proves control of the relay but is something relay operators won't mind running.
My currently plan is to ask relay operators to sign the fingerprint file which tor creates. The major disadvantage of this method is that it must be run as root (or a user with access to tor's data directory).
If you are willing to lower the bar for 'proof' a bit I'd ask them to fetch a confirmation url send to them from the connection their node runs on. Spoofing an IP address for a TCP connection isn't trivial and seems rather a lot of effort for just a t-shirt. So it at least proofs access to the connection the node is running on. That could be a simple unprivileged wget one-liner.
It leaves room for some abuse, but does raise the bar quite a bit.
If you do want to use the tor key couldn't you use it as a key for ssl client authentication? That would allow for further automation and you could be build into tor in the future.
AVee