[tor-bugs] #23947 [Obfuscation/Snowflake]: Move Snowflake proxy page somewhere devs can write
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Mar 22 04:44:34 UTC 2018
#23947: Move Snowflake proxy page somewhere devs can write
-----------------------------------+------------------------
Reporter: dcf | Owner: (none)
Type: project | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------------+------------------------
Comment (by dcf):
Replying to [comment:1 arma]:
> Is there anything here that I/we can help with? Or is it just picking
one and doing it?
If the Tor Project can provide a host, that could help. (I know
historically Tor has not wanted to do that.) The only technical
requirement is an HTTPS server serving static files. Otherwise I was
thinking of registering some domain name and setting up a server.
The important thing is long-term name stability. The domain we choose will
determine the URL that we tell people to paste into their pages, and once
it's out there, we can't easily change it.
And there's also the question of shared administration of the server, in
order to avoid a single point of failure. We can easily share SSH access
to the server. But it won't do if someone needs to bug me to make a DNS
change, just because I happen to be the one who registered the domain
name. I don't know if there's a way to do shared administration of a
domain name (maybe Team Cymru does something like that?).
Currently we're using subdomains of bamsoftware.com for certain snowflake
services, for example the bridge at !https://snowflake.bamsoftware.com/.
But that's different--the name isn't important, it only needs a name so it
can have a certificate. And it doesn't really introduce a dependency on
me. If I disappeared, some other team member could register another name
pointing to the same IP address, reconfigure the bridge with a certificate
for that name, and everything would work: even currently running proxies
would restart themselves within 24h. I'm not nearly as concerned about
permanence for easily changed domains like that. But the URL of the server
actually hosting the proxy code does lock us in.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23947#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list