On Mon, Jul 23, 2012 at 2:58 PM, Roger Dingledine arma@mit.edu wrote:
Open questions we need to decide about:
- What exactly would we pay for?
As you said, reimbursing users for hosting is probably the best idea here, however, we also don't want to get in the situation where users feel that they _must_ be reimbursed to run an exit relay. What happens if the sponsors funding dries up in a year and no one wants to donate bandwidth anymore?
Perhaps only registered companies should be sponsored — as much as I hate to limit the scope of the project, I think this (might) prevent abuse to a certain extent. Individuals who wanted to run an exit relay of their own could still do so, they would just have to use some of the money to form an LLC (or whatever their countries equivalent is if the scope of this project extends outside of the US). This gives them a bit more of an incentive to separate their Tor node form their personal server/computing resources (in the form of limited liability), which they should probably be doing anyways.
I think we should aim to constrain ourselves to talking about >=100mbit exits
I disagree; as others have said, lots of 10mbit relays will do as much for the network as a few 100mbit relays. Most peoples use case is simply checking email, browsing the web, reading news, etc. which don't necessarily need a huge 100mbit relay.
- Should we fund existing relays or new ones?
It's probably not wise to distinguish between the two. If you only fund new relays, you may see a lot of old relays shut down (and then restarted as "new relays" to get funding). So you might as well just sponsor both. More thoughts on this in a bit.
- Should we prefer big collectives like torservers, noisetor, CCC,
dfri.se, and riseup (which can get great bulk rates on bandwidth and are big enough to have relationships with local lawyers and ISPs), or should we prefer individuals since they maximize our operator diversity? I think "explore both approaches" is a fine first plan.
"Explore both approaches" sounds good; I think we'll find that operator diversity leads to a healthier (more anonymous) network. Again, I lean towards small guys that will run a few nodes at different data centers, but not Sole proprietorship's.
- For existing relays who pay for hosting…
Picking a certain monthly transfer target might solve this; so existing relays that are fast could apply for aid, and it would give slower relays incentive to speed up. The challenge then becomes, where do we set this cutoff? I'm inclined to think it could be kept relatively low and still be very beneficial for the network.
the Tor network must not end up addicted to external funding. So long as everybody is running an exit relay because they want to save the world, I think we should be fine.
This is the core of the entire discussion. We might also consider only funding relays in areas where we need the diversity by taking into account…
There's network diversity (AS / upstream network topology), organization and operator diversity, jurisdictional (country) diversity, funding diversity, data-center diversity, and more.
…this stuff.
- How do we audit / track the sponsored relays?
How should we check that your 100mbit relay is really working? What do we measure to confirm its capacity? To a first approximation I'm fine assuming that nobody is going to try to cheat (say, by colluding with an ISP to write legit-looking invoices but then just split the money).
Probably better to monitor this carefully from the get-go. Sponsors like to know where their money is going, and continued funding could hinge on it.
Then I'll send individual emails to exit relay operators pointing them to it and asking for their feedback
Consider asking some of the faster / more stable non-exit relay operators as well. Many of these folks (myself included) have run an exit relay at one point or another and stopped—or want to run an exit but won't—because of the financial burden, or because of legal ramifications, etc.
Some of them might want to run an exit relay, or change their existing nodes to exit relays if they could only get a bit of funding to help cover bandwidth and separate their personal resources / business from their exit node(s) (via a new server, or a separate business entity, etc.)
Best, Sam