[tor-bugs] #7160 [Tor Sysadmin Team]: Decide if Flashproxy can move to torproject.org
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Dec 30 16:28:28 UTC 2012
#7160: Decide if Flashproxy can move to torproject.org
-------------------------------+--------------------------------------------
Reporter: bastik | Owner: dcf
Type: task | Status: new
Priority: normal | Milestone:
Component: Tor Sysadmin Team | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------------+--------------------------------------------
Comment(by dcf):
Replying to [comment:2 phobos]:
> We shouldn't rush into this. We as Tor the non-profit cannot run any
parts of the Tor network, from bridges to relays, or according to smart
lawyers, we cross a line between a volunteer tor network and assuming
liability for all of the tor network. I need to understand what the
facilitator does in detail and its role overall before we can setup a
machine and run it in the torproject.org domain.
I can appreciate that. The motivation for moving the facilitator to
another domain is to reduce the WTF some people feel when they see
connections to tor-facilitator.bamsoftware.com. A possible alternative is
for me to register a completely new domain, one not associated with my
other domains nor those of the Tor Project.
> My high-level understanding of the facilitator is that it is analogous
to the role of bridgeDB.
It is analogous to bridgeDB, but does the opposite: rather than store
bridge addresses to give to clients, it stores client addresses to give to
bridges (flash proxies).
The facilitator runs the programs:
*
https://gitweb.torproject.org/flashproxy.git/blob/HEAD:/facilitator/facilitator
* https://gitweb.torproject.org/flashproxy.git/blob/HEAD:/facilitator
/facilitator-email-poller
*
https://gitweb.torproject.org/flashproxy.git/blob/HEAD:/facilitator/facilitator.cgi
* https://gitweb.torproject.org/flashproxy.git/blob/HEAD:/flashproxy-
client
`flashproxy-client` listens on ports 9000 and 9999. It's only for
demonstration purposes and could be completely removed. `facilitator.cgi`
listens via Apache on port 443. The other programs don't open any
Internet-exposed listening sockets.
There is some secret key material stored on the facilitator. The Apache
certificate key, and a private key associated with the email registration
method (#6383). There will likely be another private key associated with a
URL-based registration method (#7559).
The Apache logs are completely disabled (go to /dev/null). The facilitator
logs the time when proxies and clients connect, and when a client is
served to a proxy, but does not log any IP addresses.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7160#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list