[tor-bugs] #26778 [Core Tor/Tor]: Enable supporting multiple bridge authorities

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jul 13 04:30:11 UTC 2018 

#26778: Enable supporting multiple bridge authorities
--------------------------+------------------------
 Reporter:  chelseakomlo  |          Owner:  (none)
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:  tor-bridges   |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------

Comment (by arma):

 My first thought here is that I believe it should work right now for Tor
 to have two bridge auths, and bridges will simply publish their bridge
 descriptor to both of them. (And by "two" I mean "n".)

 Then the bridge auths become redundant, i.e. one of them can catch fire
 but the pipeline still gets the bridges through.

 One downside of that style of redundancy is increased surface area: that
 is, there is one more place in the world that has the list of bridges and
 that is making connections to all the bridges.

 But I think it will take much more design to produce a "distributed"
 bridge authority that actually has reduced surface area in practice. (For
 example, if each bridge alternates each day which authority it sends its
 descriptor to, are we really gaining that much?)

 Also, in the original bridge authority design, which still sort of works
 in the code right now, clients would reach out to the bridge authority
 directly (or via a Tor circuit using an existing working bridge) to fetch
 new descriptors for bridges that moved addresses. So if we want to keep
 that design possible for the future, we need bridges to
 *deterministically* assign themselves to bridge authorities, such that
 clients can predict the assignment too. See #2473. Maybe we want to close
 off that design because it's more trouble than it's worth, but also maybe
 not.

 tl;dr I think what you want is already in the code base, so long as you're
 ok with a slight tweak to what you want. :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26778#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list