hi,
Does anybody know why my relay "kingqueen" has lost its Named attribute? https://atlas.torproject.org/#details/7B48192A59A903F914ECF73ADBC3711F3E8EAE...
Thank you
KQ
https://lists.torproject.org/pipermail/tor-dev/2014-April/006671.html The named flag is no more.
On 08/22/2014 01:23 PM, kingqueen wrote:
hi,
Does anybody know why my relay "kingqueen" has lost its Named attribute? https://atlas.torproject.org/#details/7B48192A59A903F914ECF73ADBC3711F3E8EAE...
Thank you
KQ
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi, Le 22/08/2014 19:23, kingqueen a écrit :
Does anybody know why my relay "kingqueen" has lost its Named attribute? https://atlas.torproject.org/#details/7B48192A59A903F914ECF73ADBC3711F3E8EAE...
This extract from the last Tor weakly news should answer to your answer:
The Tor network no longer supports designating relays by name
Since the very first versions of Tor [8], relay operators have been able to specify “nicknames” for their relays. Such nicknames were initially meant to be unique across the network, and operators of directory authorities would manually “bind” a relay identity key after verifying the nickname. The process became formalized with the “Named” flag introduced in the 0.1.1 series [9], and later automated with the 0.2.0 series. If a relay held a unique nickname for long enough, the authority would recognize the binding, and subsequently reserve the name for half a year.
Nicknames are useful because it appears humans are not very good at thinking using long strings of random bits. Initially, they made it possible to understand what was happening in the network more easily, and to designate a specific relay in an abbreviated way. Having two relays in the network with the same nickname is not really problematic when one is looking at nodes, or a list in Globe [10], as relays can always be differentiated by their IP addresses or identity keys.
But complications arise when nicknames are used to specify one relay to the exclusion of another. If the wrong relay gets selected, it can become a security risk. Even though real efforts [11] have been made to improve the situation, properly enforcing uniqueness has always been problematic, and a burden for the few directory authorities that handle naming.
Back in April, the “Heartbleed” bug [12] forced many relays to switch to a new identity key, thus losing their “Named” flag. Because this meant that anyone designating relays by their nickname would now have a hard time continuing to do so, Sebastian Hahn decided to use the opportunity to get rid of the idea entirely [13].
This week, Sebastian wrote [14]: “Code review down to 0.2.3.x has shown that the naming-related code hasn’t changed much at all, and no issues were found which would mean a Named-flag free consensus would cause any problems. gabelmoo and tor26 have stopped acting as Naming Directory Authorities, and — pending any issues — will stay that way.”
This means that although you can still give your relay a nickname in its configuration file, designating relays by nickname for any other purpose (such as telling Tor to avoid using certain nodes) has now stopped working. “If you — in your Tor configuration file — refer to any relay by name and not by identity hash, please change that immediately. Future versions of Tor will not support using names in the configuration at all”, warns Sebastian [15].
Hop this helps.
Regards,
Thank you Patrick, that was very helpful.
I was subscribed to the Tor weekly news. I don't know what happened, my emails stopped, I shall investigate and reinstate.
Thanks
On August 22, 2014 7:36:06 PM GMT+01:00, Patrick ZAJDA patrick@zajda.fr wrote:
Hi, Le 22/08/2014 19:23, kingqueen a écrit :
Does anybody know why my relay "kingqueen" has lost its Named attribute?
https://atlas.torproject.org/#details/7B48192A59A903F914ECF73ADBC3711F3E8EAE...
This extract from the last Tor weakly news should answer to your answer:
The Tor network no longer supports designating relays by name
Since the very first versions of Tor [8], relay operators have been
able
to specify “nicknames” for their relays. Such nicknames were
initially
meant to be unique across the network, and operators of directory authorities would manually “bind” a relay identity key after
verifying
the nickname. The process became formalized with the “Named” flag introduced in the 0.1.1 series [9], and later automated with the
0.2.0
series. If a relay held a unique nickname for long enough, the
authority
would recognize the binding, and subsequently reserve the name for
half
a year.
Nicknames are useful because it appears humans are not very good at thinking using long strings of random bits. Initially, they made it possible to understand what was happening in the network more easily, and to designate a specific relay in an abbreviated way. Having two relays in the network with the same nickname is not really
problematic
when one is looking at nodes, or a list in Globe [10], as relays can always be differentiated by their IP addresses or identity keys.
But complications arise when nicknames are used to specify one relay
to
the exclusion of another. If the wrong relay gets selected, it can become a security risk. Even though real efforts [11] have been made
to
improve the situation, properly enforcing uniqueness has always been problematic, and a burden for the few directory authorities that
handle
naming.
Back in April, the “Heartbleed” bug [12] forced many relays to switch
to
a new identity key, thus losing their “Named” flag. Because this
meant
that anyone designating relays by their nickname would now have a
hard
time continuing to do so, Sebastian Hahn decided to use the
opportunity
to get rid of the idea entirely [13].
This week, Sebastian wrote [14]: “Code review down to 0.2.3.x has
shown
that the naming-related code hasn’t changed much at all, and no
issues
were found which would mean a Named-flag free consensus would cause
any
problems. gabelmoo and tor26 have stopped acting as Naming Directory Authorities, and — pending any issues — will stay that way.”
This means that although you can still give your relay a nickname in
its
configuration file, designating relays by nickname for any other
purpose
(such as telling Tor to avoid using certain nodes) has now stopped working. “If you — in your Tor configuration file — refer to any
relay
by name and not by identity hash, please change that immediately.
Future
versions of Tor will not support using names in the configuration at all”, warns Sebastian [15].
[8]:
https://gitweb.torproject.org/tor.git/blob/161d7d1:/src/config/torrc.in#l20
[9]:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/attic/dir-spec-v2.txt#l...
[11]:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/122-unnamed-f...
[13]:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/235-kill-name...
[14]:
https://lists.torproject.org/pipermail/tor-dev/2014-August/007348.html
[15]:
https://lists.torproject.org/pipermail/tor-talk/2014-August/034380.html
Hop this helps.
Regards,
tor-relays@lists.torproject.org
-
kingqueen -
mal -
Patrick ZAJDA