Hi Eran,
a developer offering to help relay operators
what better can we ask for :)
Certainly happy to help :-)
yes, this is on the radar of the relay advocate - Colin and maybe also the
Tor Metrics team to some extend - and they are certainly happy if someone
takes this on - especially if you are also considering to maintain this on the long term
(the last service has been discontinued to to missing maintainership)
you can find more about this on trac and the previous thread:
https://lists.torproject.org/pipermail/tor-relays/2018-May/015238.html
https://trac.torproject.org/projects/tor/ticket/26124
Thanks for the links. I'll review those. I'm more then willing to help and maintain the service.
One more feature I was thinking about was callbacks. So I can register for callback on certain things - this allows services to figure out when to stop give access to a certain node if its down.
This yet another good point and I had that (verified contactInfo) specifically in mind when starting
the ContactInfo specification:
https://github.com/nusenu/ContactInfo-Information-Sharing-Specification:
"provide the foundation for an automated contactInfo verification bot."
So if you are going to implement something like that I would be happy to work with you.
Interesting spec. I'll go over it. I think this is the basis for a lot of operator service as this would allow the make sure services are rendered to actual nodes.
Since this functionality can be done with tor alone (DirPortFrontPage) and
additional software (webserver) increases the attack surface I'm more leaning
towards not recommending every relay operator to run also a webserver.
I understand that but my issues with this feature are:
- It requires configuration and doesn't come preconfigured.
- You need to manually edit the HTML to include various information (maybe adding templating support will allow to embed certain ContactInfo inside the page itself when being served).
- It doesn't support, as far as I can see (maybe I'm missing it) HTTPS support - which I think in this day and age is kinda mandatory. And if we are on the HTTPS bandwagon let's encrypt integration would go a long way.
looking forward to how this progresses! :)
Me too!
Eran