[tor-dev] Is there strictly a one-to-one BW scanner to BW auth relationship?

[Rob Jansen]

> On Mar 25, 2018, at 12:13 PM, Sebastian Hahn <hahn.seb at web.de> wrote:
> 
> 
>> On 24. Mar 2018, at 13:50, Rob Jansen <rob.g.jansen at nrl.navy.mil> wrote:
>>> I think moria1 runs its own, and Faravahar runs its own. I've lost track
>>> of the others, but I'd guess that bastet also runs its own, and that
>>> maatuska pulls numbers from a bwauth that tjr runs.
>>> 
>>> https://consensus-health.torproject.org/#bwauthstatus
>> 
>> Hmm. I wish we were more transparent about who is running scanners and which bwauths consume results from which scanners. Something to keep in mind for those of us working on next-gen replacement scanners.
> 
> It is at the discretion of the bwauth operator to ensure that
> they're using a trusted source for their data. To me, that
> means anything other than running the code myself is utterly
> unacceptable, other operators might make other choices. I
> think it makes sense to say that the operator of a given bw
> auth is *responsible* for whatever they're voting on, whether
> they run the bwauth themselves or not.

I totally agree! Though, I do think that the decisions of which data sources are used could be made public - not as a means to call into question or criticize the choice of the data source, but more as a means to understand how the system works. Eventually (in an ideal world where the scanners report their status) the community could help monitor the health of the scanners. If this makes the job of a bwauth more difficult (we should design it so it doesn't), that should certainly be considered as well.

Best,
Rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20180325/bb488d1f/attachment.sig>