[tor-project] New Bridge Authority

[Peter Todd]

On Wed, Aug 03, 2016 at 09:54:38AM +0000, isis agora lovecruft wrote:
> Hello all,
> 
> Today, I am very excite to take a field trip (!!) to a datacenter (!!!)  with
> some most excellent folks from Greenhost (DrWhax and Sacha!!!).  We will be
> racking a server and installing an OS on it, and getting it ready to be a new
> Bridge Authority to replace Tonga.
> 
> Earlier this week, David Goulet and I got a Bridge Authority up and running in
> a test network, so perhaps a logical step will be to put the new Bridge Auth
> into the test network and ensure that it's at least cursorily behaving.

Subject to the desire to avoid releasing security-sensitive info that an
attacker could use to compromise that authority, it'd be good to have a public
writeup of how the server is setup, and what security precautions have been
taken to prevent its compromise, including software and hardware security.

I think this would have a lot of value both for Tor project transparency, as
well as educational value for the wider community. In the Bitcoin community I'm
a part of failures in operating sufficiently secure trusted servers have caused
a number of disasters - and are an ongoing risk - so I'd love to be able to
point people to the Tor project as an example of good practices.

Equally, in the Bitcoin community some companies are gradually getting better
at this - Blockstream as an example will need to setup a number of trusted
servers for its Liquid sidechain technology - and I'm sure at least some of
those companies would be also willing to make public how they've tackled the
challenge of setting up trusted servers.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20160804/42196f46/attachment.sig>