[tor-project] New Bridge Authority
pete at petertodd.org
Thu Aug 4 04:30:06 UTC 2016
On Wed, Aug 03, 2016 at 09:54:38AM +0000, isis agora lovecruft wrote:
> Hello all,
> Today, I am very excite to take a field trip (!!) to a datacenter (!!!) with
> some most excellent folks from Greenhost (DrWhax and Sacha!!!). We will be
> racking a server and installing an OS on it, and getting it ready to be a new
> Bridge Authority to replace Tonga.
> Earlier this week, David Goulet and I got a Bridge Authority up and running in
> a test network, so perhaps a logical step will be to put the new Bridge Auth
> into the test network and ensure that it's at least cursorily behaving.
Subject to the desire to avoid releasing security-sensitive info that an
attacker could use to compromise that authority, it'd be good to have a public
writeup of how the server is setup, and what security precautions have been
taken to prevent its compromise, including software and hardware security.
I think this would have a lot of value both for Tor project transparency, as
well as educational value for the wider community. In the Bitcoin community I'm
a part of failures in operating sufficiently secure trusted servers have caused
a number of disasters - and are an ongoing risk - so I'd love to be able to
point people to the Tor project as an example of good practices.
Equally, in the Bitcoin community some companies are gradually getting better
at this - Blockstream as an example will need to setup a number of trusted
servers for its Liquid sidechain technology - and I'm sure at least some of
those companies would be also willing to make public how they've tackled the
challenge of setting up trusted servers.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 455 bytes
Desc: Digital signature
More information about the tor-project