[tor-relays] Relay "kingqueen" lost Named attribute

Patrick ZAJDA patrick at zajda.fr
Fri Aug 22 18:36:06 UTC 2014


Hi,
Le 22/08/2014 19:23, kingqueen a écrit :
> Does anybody know why my relay "kingqueen" has lost its Named
> attribute? https://atlas.torproject.org/#details/7B48192A59A903F914ECF73ADBC3711F3E8EAE01
>
This extract from the last Tor weakly news should answer to your answer:

> The Tor network no longer supports designating relays by name
> -------------------------------------------------------------
>
> Since the very first versions of Tor [8], relay operators have been able
> to specify “nicknames” for their relays. Such nicknames were initially
> meant to be unique across the network, and operators of directory
> authorities would manually “bind” a relay identity key after verifying
> the nickname. The process became formalized with the “Named” flag
> introduced in the 0.1.1 series [9], and later automated with the 0.2.0
> series. If a relay held a unique nickname for long enough, the authority
> would recognize the binding, and subsequently reserve the name for half
> a year.
>
> Nicknames are useful because it appears humans are not very good at
> thinking using long strings of random bits. Initially, they made it
> possible to understand what was happening in the network more easily,
> and to designate a specific relay in an abbreviated way. Having two
> relays in the network with the same nickname is not really problematic
> when one is looking at nodes, or a list in Globe [10], as relays can
> always be differentiated by their IP addresses or identity keys.
>
> But complications arise when nicknames are used to specify one relay to
> the exclusion of another. If the wrong relay gets selected, it can
> become a security risk. Even though real efforts [11] have been made to
> improve the situation, properly enforcing uniqueness has always been
> problematic, and a burden for the few directory authorities that handle
> naming.
>
> Back in April, the “Heartbleed” bug [12] forced many relays to switch to
> a new identity key, thus losing their “Named” flag. Because this meant
> that anyone designating relays by their nickname would now have a hard
> time continuing to do so, Sebastian Hahn decided to use the opportunity
> to get rid of the idea entirely [13].
>
> This week, Sebastian wrote [14]: “Code review down to 0.2.3.x has shown
> that the naming-related code hasn’t changed much at all, and no issues
> were found which would mean a Named-flag free consensus would cause any
> problems. gabelmoo and tor26 have stopped acting as Naming Directory
> Authorities, and — pending any issues — will stay that way.”
>
> This means that although you can still give your relay a nickname in its
> configuration file, designating relays by nickname for any other purpose
> (such as telling Tor to avoid using certain nodes) has now stopped
> working.  “If you — in your Tor configuration file — refer to any relay
> by name and not by identity hash, please change that immediately. Future
> versions of Tor will not support using names in the configuration at
> all”, warns Sebastian [15].
>
>   [8]:
> https://gitweb.torproject.org/tor.git/blob/161d7d1:/src/config/torrc.in#l20
>   [9]:
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/attic/dir-spec-v2.txt#l427
>  [10]: https://globe.torproject.org/#/search/query=Unnamed
>  [11]:
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/122-unnamed-flag.txt
>  [12]: https://blog.torproject.org/blog/openssl-bug-cve-2014-0160
>  [13]:
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/235-kill-named-flag.txt
>  [14]:
> https://lists.torproject.org/pipermail/tor-dev/2014-August/007348.html
>  [15]:
> https://lists.torproject.org/pipermail/tor-talk/2014-August/034380.html

Hop this helps.

Regards,

-- 
Patrick ZAJDA
Skype: gansta93



More information about the tor-relays mailing list