[tor-dev] Proposal 334: A flag to mark Relays as middle-only
s7r
s7r at sky-ip.org
Thu Sep 16 12:52:29 UTC 2021
Tor Relays wrote:
> David Goulet:
>
> However, I'm not sure we should always let 1 authority dictate that flag
> regardless of what the others think.
>
> I think we need to enforce majority here and not have one
> single authority dictate it.
>
> Thoughts?
>
>
> +1
>
> I can compromise one authority and can MiddleOnly the whole Tor network.
>
+1
of course we should not allow just 1 Directory Authority to have this
power. This would undermine the security model of the consensus we have
in Tor -- that is why we have more Directory Authorities controlled by
different people in different jurisdictions / parts of the world so it's
hard for an attacker to compromise all at once. We know and agree it's
simple and cheap (even free if it's a LEA with a subpoena) to compromise
one directory authority but much harder to compromise 50% + 1.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20210916/9d2d0e5e/attachment.sig>
More information about the tor-dev
mailing list