[tor-bugs] #3023 [Tor Directory Authority]: Tor directory authorities should not act as regular relays/hsdirs

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Fri Nov 18 12:59:27 UTC 2011 

#3023: Tor directory authorities should not act as regular relays/hsdirs
-------------------------------------+--------------------------------------
 Reporter:  Sebastian                |          Owner:                    
     Type:  defect                   |         Status:  new               
 Priority:  normal                   |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Directory Authority  |        Version:                    
 Keywords:                           |         Parent:                    
   Points:                           |   Actualpoints:                    
-------------------------------------+--------------------------------------

Comment(by arma):

 Replying to [comment:11 Sebastian]:
 > It was my idea to not have them in the consensus at all, yeah.

 This patch would make bridges fail to publish to Tonga, yes? Since they
 won't know the onion key so they can't extend their three-hop circuit to
 it. Similarly, it would break bridge users fetching descriptors from
 Tonga.

 > I looked around in master and didn't see anything where we'd fail to
 work, and ran a test network, which didn't have any problems bootstrapping
 and being used. The situation looks to be a bit more complex in
 maint-0.2.1 and 0.2.2. If we decide to try this, we'd need more careful
 evaluation there.
 >
 > As for why I'm favoring this approach, I'm mostly worried that we have
 some cornercase where relays without the Fast flag are preferred for
 traffic, and we end up pushing lots of users onto the dirauths when we
 lower traffic.

 There are some relays now without the Fast flag, and they're not getting
 mobbed. (If I have my way with #4489, there will be many more soon.)

 I think it would be a much safer move to arrange to take away the Fast,
 Stable, Guard, and HSDir flag from authorities.

 >Also I would generally like to head in a direction where dirauths aren't
 required to speak the Tor protocol as much, can't act as clients/HS, etc.
 For example, maybe bugs like the one plaguing tor26 that stem from the HS
 client code we left over could be avoided.

 We need them to still speak the Tor protocol enough to do reachability
 tests. That's most of the Tor protocol right there. Unless we change
 things so the authorities don't do their own reachability tests I guess.

 > All that said, I'd also be happy to only go so far as to remove all the
 flags from dirauths and see where we stand then.

 Don't take away Running or they'll disappear from the consensus. :) And
 don't take away Valid or they'll hit that bug where relays without the
 Valid flag lose the Running flag.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3023#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list