[tor-relays] Relay "kingqueen" lost Named attribute

kingqueen kingqueen at btnf.tw
Fri Aug 22 20:08:01 UTC 2014 

Thank you Patrick, that was very helpful.

I was subscribed to the Tor weekly news. I don't know what happened, my emails stopped, I shall investigate and reinstate.

Thanks

On August 22, 2014 7:36:06 PM GMT+01:00, Patrick ZAJDA <patrick at zajda.fr> wrote:
>Hi,
>Le 22/08/2014 19:23, kingqueen a écrit :
>> Does anybody know why my relay "kingqueen" has lost its Named
>> attribute?
>https://atlas.torproject.org/#details/7B48192A59A903F914ECF73ADBC3711F3E8EAE01
>>
>This extract from the last Tor weakly news should answer to your
>answer:
>
>> The Tor network no longer supports designating relays by name
>> -------------------------------------------------------------
>>
>> Since the very first versions of Tor [8], relay operators have been
>able
>> to specify “nicknames” for their relays. Such nicknames were
>initially
>> meant to be unique across the network, and operators of directory
>> authorities would manually “bind” a relay identity key after
>verifying
>> the nickname. The process became formalized with the “Named” flag
>> introduced in the 0.1.1 series [9], and later automated with the
>0.2.0
>> series. If a relay held a unique nickname for long enough, the
>authority
>> would recognize the binding, and subsequently reserve the name for
>half
>> a year.
>>
>> Nicknames are useful because it appears humans are not very good at
>> thinking using long strings of random bits. Initially, they made it
>> possible to understand what was happening in the network more easily,
>> and to designate a specific relay in an abbreviated way. Having two
>> relays in the network with the same nickname is not really
>problematic
>> when one is looking at nodes, or a list in Globe [10], as relays can
>> always be differentiated by their IP addresses or identity keys.
>>
>> But complications arise when nicknames are used to specify one relay
>to
>> the exclusion of another. If the wrong relay gets selected, it can
>> become a security risk. Even though real efforts [11] have been made
>to
>> improve the situation, properly enforcing uniqueness has always been
>> problematic, and a burden for the few directory authorities that
>handle
>> naming.
>>
>> Back in April, the “Heartbleed” bug [12] forced many relays to switch
>to
>> a new identity key, thus losing their “Named” flag. Because this
>meant
>> that anyone designating relays by their nickname would now have a
>hard
>> time continuing to do so, Sebastian Hahn decided to use the
>opportunity
>> to get rid of the idea entirely [13].
>>
>> This week, Sebastian wrote [14]: “Code review down to 0.2.3.x has
>shown
>> that the naming-related code hasn’t changed much at all, and no
>issues
>> were found which would mean a Named-flag free consensus would cause
>any
>> problems. gabelmoo and tor26 have stopped acting as Naming Directory
>> Authorities, and — pending any issues — will stay that way.”
>>
>> This means that although you can still give your relay a nickname in
>its
>> configuration file, designating relays by nickname for any other
>purpose
>> (such as telling Tor to avoid using certain nodes) has now stopped
>> working.  “If you — in your Tor configuration file — refer to any
>relay
>> by name and not by identity hash, please change that immediately.
>Future
>> versions of Tor will not support using names in the configuration at
>> all”, warns Sebastian [15].
>>
>>   [8]:
>>
>https://gitweb.torproject.org/tor.git/blob/161d7d1:/src/config/torrc.in#l20
>>   [9]:
>>
>https://gitweb.torproject.org/torspec.git/blob/HEAD:/attic/dir-spec-v2.txt#l427
>>  [10]: https://globe.torproject.org/#/search/query=Unnamed
>>  [11]:
>>
>https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/122-unnamed-flag.txt
>>  [12]: https://blog.torproject.org/blog/openssl-bug-cve-2014-0160
>>  [13]:
>>
>https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/235-kill-named-flag.txt
>>  [14]:
>>
>https://lists.torproject.org/pipermail/tor-dev/2014-August/007348.html
>>  [15]:
>>
>https://lists.torproject.org/pipermail/tor-talk/2014-August/034380.html
>
>Hop this helps.
>
>Regards,

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

More information about the tor-relays mailing list