[tor-relays] pinning relay keys to IPs (or not)

Tor-Admin tor at afo-tm.org
Sun Jul 26 16:07:54 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

teor:
> 
>> On 27 Jul 2015, at 01:30 , starlight.2015q2 at binnacle.cx wrote:
>> 
>> Perhaps a way to do it is reset the consensus for a relay if its
>> IP address moves to a different Autonomous System.
>> 
>> Is rare that dynamic IP causes relays to hop ASs (e.g. possibly
>> SBC/ATT), and list of exceptions could be created for the few
>> cases where it causes trouble.
>> 
>> CYMRU has a dynamic service for looking up AS from IP.
> 
> What if an entire IP block (or entire AS) moves ASs?
> 
> What if the external dependency on CYMRU allows the entire Tor
> Network to be "reset" if CYMRU is hacked/broken/incorrect?


That will all not work, IPs are nothing which you can rely on and
reset consens if it does change. My home IP jump between to ASs every
day on reconnect. My ISP own both AS and with the IPv4 shortage that
will get even more crazy the next few years.
I'm cleary against reset consens, ban FP or what ever you guys think
would be right.
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJVtQXaAAoJEHkrhgAY5jaZjqgQAIprJTp+23DCddKlym8z/RkN
jhUK0zpWNpCYnfnlRujNtBcLoZBrKXCN5HhglOB70qsOONC6oGpKoQ1u51xiX1wL
zDH39kiRgZnhmaJm3W8J4Q2ZiLU233VLgfHsnuBWiFwGErBwRDIqMI6NDF6vbdF3
D7iXY8Adp4/6bwJaf0UDMt6qjYTUtL53vvtnjMK2eKwuwfiuXJjl8yQaDFN6qdzD
fSiohvUQdGN7oLDdqIOEmkBtX/ndK29aqvO+1mS8aXqkwDujNZHfDvoLYINJFEdG
qM5v7FLZY7Ey2FB3jaJQICq0DjUcRQM2+i2XilKQH/nQNeX5t4VjEhv4Gj+WR86b
S7v+m2vEwzLqqeZlyii31Cl9LBN8xOzUaw1JP2ErC9gxoB0BxyOz7Nv5Op49l1d6
yRxgYxyD/JIXJEC6GwvOCZOjITZBlMq4rhTX8kNLafwyiw2VucP5iPfEFZ09rXNt
9wr+68fhUU9OqUiolZJ44dIkRhBvymTaBFZNIcXqlrEh63vrIX5RSmNldxH84cau
6IpAuBREA7teqrWxoxYw/s2M6+BHqQiJVK5I4rlJyTk8KLyraDQ2W+QjGF2ZCKn9
HRiLTelLuREtH2nR4JDIrOAL+OacF6cqnh0ozRe/1h3q6zgEhp263GZxVpvroL9V
6yVR/Y6yi9mAQ/BHTgAG
=ZZCo
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x18E63699.asc
Type: application/pgp-keys
Size: 3078 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150726/ace48e5d/attachment.key>


More information about the tor-relays mailing list