On Nov 19, 2025, at 7:31 AM, Sebastian Hahn via tor-relays <tor-relays@lists.torproject.org> wrote:
I'm one of the people responsible for flagging old versions as a dirauth operator. Please do not treat this flagging as anything more than a friendly nudge to update. If there are more serious issues or the version is so outdated that it isn't maintained anymore at all, we can exclude the relays from the consensus as a more drastic measure.
Ideally, your distribution updates quickly, you notice that automatically, and then apply the update soon.
Except the problem: When you flag an old version then the client appears to no longer accept it as a guard node (it is how I noticed). By doing so, within <24 hours of new version release, you are eliminating >1/2+ of the potential guard nodes in the network. It is not a "polite nudge", but something that potentially disrupts the network.

I'm too lazy to trace the Tor source code (I have a moral obligation not to try to read too much ugly C that wants to be C++ and has >2500 GOTO statements), but I use my relay as a pinned guard for a test-server (with an override so it accepts just a single guard for a hidden service). When the node gets the "Not recommended" flag, it is no longer considered usable as a guard and I get a continuous stream of:

    Nov 14 17:44:21.000 [notice] Failed to find node for hop #1 of our path. Discarding this circuit.

errors in the log.

There probably needs to be a stated policy on "Absent a security vulnerability of severity X, older server versions are not deprecated for Y days" to prevent this from potentially disrupting the network.