[tor-dev] Proposal 334: A flag to mark Relays as middle-only

s7r s7r at sky-ip.org
Thu Sep 16 12:52:29 UTC 2021

Tor Relays wrote:
> David Goulet:
>     However, I'm not sure we should always let 1 authority dictate that flag
>     regardless of what the others think.
>     I think we need to enforce majority here and not have one
>     single authority dictate it.
>     Thoughts?
> +1
> I can compromise one authority and can MiddleOnly the whole Tor network.


of course we should not allow just 1 Directory Authority to have this 
power. This would undermine the security model of the consensus we have 
in Tor -- that is why we have more Directory Authorities controlled by 
different people in different jurisdictions / parts of the world so it's 
hard for an attacker to compromise all at once. We know and agree it's 
simple and cheap (even free if it's a LEA with a subpoena) to compromise 
one directory authority but much harder to compromise 50% + 1.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20210916/9d2d0e5e/attachment.sig>

More information about the tor-dev mailing list