[tor-bugs] #30164 [Core Tor/Tor]: Inconsistent Guard flag assignment

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Apr 15 15:27:33 UTC 2019


#30164: Inconsistent Guard flag assignment
--------------------------+----------------------------------
 Reporter:  Jaym          |          Owner:  (none)
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |        Version:  Tor: unspecified
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+----------------------------------

Comment (by Jaym):

 Replying to [comment:3 arma]:
 > I believe that we are currently doing things as intended. That is, I
 think when we built the thing that is happening now, we meant to build it
 that way.
 >
 > But I agree with you that we should consider changes. See ticket #11327
 for what I think is the same ticket as this one (and even mentions the
 same issue with the Fast flag too, as Aaron points out).
 >
 > The problem stems from the fact that we deployed the bwauth measurement
 concept, but then only some authorities started measuring, which creates
 an imbalance where some authorities are more important (and more
 influential) than others.

 Allow me to draw a parallel: I see the Tor ecosystem a bit like a
 representative but auditable democracy, where some trusted people vote
 upon inputs. This problem looks like if one of the elected individuals was
 casting vote over project/law that they did not even read. It sounds like
 the trusted person does not make an educated opinion about the question
 but comply with (potentially) malicious party to cast an uneducated vote.
 If such a thing was verifiable IRL, that would really be upsetting no?

 That's why I wonder if we should not make uneducated opinions to back off
 for this kind of feature. And as you said, it creates imbalance. Yet, we
 could come up with some rules like if "half of the trustees have educated
 opinions on security features, let's trust them". That looks reasonable
 and fairly easy to implement.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30164#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list