[tor-relays] T-shirts and Confirming Relay Control
Tom van der Woerdt
info at tvdw.eu
Sun May 3 22:31:01 UTC 2015
Matthew Finkel wrote on 03/05/15 at 14:47:
> On Sun, May 03, 2015 at 08:20:54PM +0000, Matthew Finkel wrote:
>> On Sun, May 03, 2015 at 12:05:49PM -0700, Aaron Hopkins wrote:
>>> On Sun, 3 May 2015, Matthew Finkel wrote:
>>>
>>>> Assuming the path to their data dir is /var/lib/tor, we ask them to run:
>>>
>>> Please don't get in the habit of asking relay operators through e-mail to
>>> run complex bash command lines as root. As a security practice, this is
>>> terrible. (How do you know the suggested command wasn't altered before it
>>> reached its recipient?)
>>
>> Yes, this is terrible, and I really hate the idea of asking it. I signed
>> all my emails for the t-shirt requests, but now we're relying on
>> everyone fetching my key and verifying the mail - so, that's also a bad
>> assumption. I don't have a good solution. This is why I'm asking.
>>
>
> What if we add the commands to the t-shirt[0] website? Again, this isn't
> a great solution, but we already have documentation which requires
> running commands with elevated privileges on there, and it's slightly
> better than sending it in an email. These commands are still more
> complex than I'd like, but besides providing an executable or
> verifiable shell script, I'm running low on solutions.
>
> [0] https://www.torproject.org/getinvolved/tshirt
>
> Thanks,
> Matt
Hi Matt,

How about:

* Primarily using ContactInfo for the verification
* If you cannot match the ContactInfo, ask people to set it on their
  relays
* If they are unwilling/unable to do so, ask them to sign their mail
  address using their secret Tor key
* Implement a --sign option for Tor 0.2.7
* Starting a year from now, just ask everyone to sign the request

Proving ownership of a Tor relay can be relevant for more applications
than just Weather, so a simple --sign option can be good to have. That
doesn't address the immediate concerns though, it's more of a long-term
solution.

Tom
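
Added example, not part of the original message and not Tor's own code: a sketch of what the verifying side of a "sign your mail address with the relay key" check has to do, using the fact that a relay fingerprint is the SHA-1 digest of the DER-encoded RSA identity public key. The message format, the CONTEXT tag, the function names and the demo key are assumptions made for illustration.

```python
import hashlib
import hmac

# Hypothetical domain-separation tag so the signature is useless elsewhere.
CONTEXT = b"relay-ownership-proof-v1\n"
# DER DigestInfo header for SHA-256 (PKCS#1 v1.5, RFC 8017 section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _der_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def _der_int(v):
    b = v.to_bytes(v.bit_length() // 8 + 1, "big")  # minimal, non-negative
    return b"\x02" + _der_len(len(b)) + b

def fingerprint(n, e):
    """SHA-1 over the DER RSAPublicKey, as in a relay's fingerprint."""
    body = _der_int(n) + _der_int(e)
    return hashlib.sha1(b"\x30" + _der_len(len(body)) + body).hexdigest().upper()

def _encode(email, k):
    # PKCS#1 v1.5 signature padding over SHA-256(CONTEXT || email).
    t = SHA256_PREFIX + hashlib.sha256(CONTEXT + email).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def sign(email, n, d):
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(_encode(email, k), "big"), d, n)

def verify(claimed_fp, email, sig, n, e):
    """Accept only if the key hashes to the claimed fingerprint AND signed this address."""
    if not hmac.compare_digest(fingerprint(n, e), claimed_fp.replace(" ", "").upper()):
        return False  # valid signature from some other key proves nothing
    if not 0 <= sig < n:
        return False
    k = (n.bit_length() + 7) // 8
    return hmac.compare_digest(pow(sig, e, n).to_bytes(k, "big"), _encode(email, k))

# Constructed demo key from two Mersenne primes: NOT secure, illustration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
FP = fingerprint(N, E)
SIG = sign(b"operator@example.org", N, D)
```

The fingerprint comparison is the step that ties the signature to a relay: the claimed fingerprint should come from the relay's published descriptor, not from the requester's mail.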