[tor-bugs] #29448 [Obfuscation/BridgeDB]: Provide a dir-spec implementation that serves sanitised descriptors

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 11 16:15:53 UTC 2019


#29448: Provide a dir-spec implementation that serves sanitised descriptors
----------------------------------+-----------------------------------
 Reporter:  irl                   |          Owner:  sysrqb
     Type:  project               |         Status:  needs_information
 Priority:  Low                   |      Milestone:
Component:  Obfuscation/BridgeDB  |        Version:
 Severity:  Normal                |     Resolution:
 Keywords:                        |  Actual Points:
Parent ID:                        |         Points:
 Reviewer:                        |        Sponsor:
----------------------------------+-----------------------------------

Comment (by irl):

 Is it currently possible for someone to operate their own CollecTor
 instance and archive bridge descriptors? The answer is no unless they are
 syncing from our CollecTor instance.

 We have access to bridge IPs, which is sensitive information, regardless
 of whether or not we publish that information. This is a violation of not
 handling sensitive information.

 > So, the goal here is basically to extract the sanitizing code from
 > CollecTor and put it on the BridgeDB host, probably rewritten in a
 > different language. Right?

 Yes.

 > However, I can also see the downsides: code complexity of BridgeDB will
 > suddenly increase, and whoever runs BridgeDB has one more complex thing to
 > take care of.

 We do get the benefit that we no longer have to handle bridge IPs and
 things are more reproducible. It is also easier for people to run testing
 BridgeDBs with a testing CollecTor instance. It is also easier for people
 to run their own production BridgeDBs that we can see statistics of (which
 is a goal that has been previously discussed, to reduce reliance on the
 single BridgeDB instance and allow orgs to set up their own).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29448#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

