Roman Mamedov:
On Tue, 21 Jul 2020 20:17:24 +0200 nusenu nusenu-lists@riseup.net wrote:
What is the advantage over the torrc config value "MyFamily" ?
MyFamily is somewhat orthogonal to the idea behind the verifyurl field.
Still not getting what advantage do you propose to ones who choose to also maintain the latter.
It reads like the main purpose of "verifyurl" is to authorize "operatorurl", but even as right now, if there's the same URL across all relays in a consistent MyFamily, what additional authorization does this need and for whom?
Lets say someone sets up a bunch of relays and claims to be the EFF, The Torproject or any other entity they choose. This creates a link between the relay and the entity: (1) relay -> entity
The verifyurl gives everyone, for example users of atlas.torproject.org the possibility to verify what they see. verifyurl create a link in the opposite direction: (2) entity -> relay
(1) + (2) results in a bidirectional link which can not easily be made up.
MyFamily has an impact on path selection, ContactInfo/verifyurl has not.
Any legitimate example where you would want to claim a fleet of relays as your own, but NOT want that to affect path selection?
just to clarify: verifyurl is not trying to replace MyFamily.
verifyurl is used to establish a bidirectional verification of the operatorurl.
So if someone sets up a relay claiming to be torservers.net verifyurl can be used to detect that automatically if torservers.net sets verifyurl in their ContactInfo.
Same already possible with MyFamily, if all other relays do not include that one in their family, it can be assumed to be a "fake".
MyFamily is used to link relay fingerprints. MyFamily alone does not provide any direct way to verify ContactInfo claims. You are assuming that there are other relays. If there are no other relays they can not be used to see the missing MyFamily link between the fake and real relays.
kind regards, nusenu