[tor-bugs] #26691 [Core Tor/Tor]: add 'working DNS' to the list of mandatory requirements for the 'exit' flag

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jul 9 11:13:07 UTC 2018 

#26691: add 'working DNS' to the list of mandatory requirements for the 'exit' flag
------------------------------+--------------------------------------
     Reporter:  nusenu        |      Owner:  (none)
         Type:  enhancement   |     Status:  new
     Priority:  Medium        |  Milestone:  Tor: unspecified
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:  needs-proposal, tor-exit
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+--------------------------------------
 current requirements for the exit flag as per the spec:

 https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2524

 >    "Exit" -- A router is called an 'Exit' iff it allows exits to at
 >   least one /8 address space on each of ports 80 and 443. (Up until
 >   Tor version 0.3.2, the flag was assigned if relays exit to at least
 >   two of the ports 80, 443, and 6667.)


 Recently the requirements for the exit flag have been changed to make
 80+443 mandatory because exits only allowing 80 OR 443 would introduce to
 much breakage, the same is true for exits not able to resolve any DNS
 requests, their usefulness as an exit is limited.

 https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2280
 >   "Exit" if the router is more **useful** for building
 >   general-purpose exit circuits than for relay circuits.

 So lets add the DNS requirement to the list of requirements for the exit
 flag.

 The requirement should be automatically verified by dir auths by
 attempting DNS resolution for each exit candidate up to 5 times a day. If
 more than 2 resolution attempts fail the 'working DNS' requirement is not
 met. After 3 successful attempts no further attempts are necessary for
 that day.

 Relays loosing the exit flag have a chance to regain it after being tested
 the next day again.


 https://arthuredelstein.net/exits/

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26691>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list