[tor-relays] T-shirts and Confirming Relay Control

Geo Rift tim.cochrane.laptop at gmail.com
Tue May 5 10:53:30 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

AVee,

Would it not be possible for me to specify the ExitNode in my torrc
and then do the wget to prove my "ownership"?
I haven't tried to specify a single node before so I'm not sure if it'd work.

Thanks,
Tim

-----BEGIN PGP SIGNATURE-----
Version: Mailvelope v0.13.1
Comment: https://www.mailvelope.com

wsFcBAEBCAAQBQJVSKElCRC8Tq5FO2jmKgAA4hMP/3nPoz/ygyRrtpzWxYQT
S6+EN5A3DlPHX/fWgSHVdtaZKatb/OBfH4db6anvf1T1t7yhA8u1YxTKSLxA
TOB0Bk3n5BC6H0dCBusAMLcGBb/r/navz5ficu2N8/mP7Yvee2zMuTMPmWML
awWw1pgh90cHQbMYvs0k5/DsByxzdfRPzkSL5i1jrKNyiEaDNZTDMo0dm2cf
dkyiW/Qr1HueO8qkVTzzeGthCVN+saUmhfWIKnQfs1nMG64Hrh+8S7oMEmoK
efHJT6bAPn0fWr9STiqV19xKmAPuYAOSSHMOdRiI8CAS/bfPMZQvOjHwmKBm
Tp0AqKrVequEQDiKeuQOinEksdMVMPi8C1ifCL70GM4T5QOyK2CzbSuWmi8e
fr2D/mN5fSKVcITgud29FxQKYjP8rmxYcCBBTF9m4/W/XdN9eXrOjHko0HEK
4dGMmzdf6/Wx9+kgS3n9pcOabSd742FUwb2ZqIRXsxpcg0S8mJc3vU5OVTsC
VurtbRQVycIbfOvDtqogbUpPGLe3D/Z0nkqjHuoP746SKFnNeB6rVu9b4Zdh
HDclgMy9L2q2nuOS1KvOfDgoEYa0A/tfRDG4qahaovrn/ayonAvwtnUgtgkK
HMdyh83msC72l3apxAMqCh6sZfijuxjIOTUQBicbHemrLyf1KVrK7RJ/6U4h
phH0
=ZXd3
-----END PGP SIGNATURE-----


On 5 May 2015 at 17:58, AVee <d6relay at d6.nl> wrote:

> On 2015-05-03 19:44, Matthew Finkel wrote:
>
>> Hi Ops,
>>
> [...]
>
>> For this case, we need an authentication mechanism which
>> proves control of the relay but is something relay operators won't mind
>> running.
>>
>> My currently plan is to ask relay operators to sign the fingerprint file
>> which tor creates. The major disadvantage of this method is that it must
>> be run as root (or a user with access to tor's data directory).
>>
>
> If you are willing to lower the bar for 'proof' a bit I'd ask them to
> fetch a confirmation url send to them from the connection their node runs
> on. Spoofing an IP address for a TCP connection isn't trivial and seems
> rather a lot of effort for just a t-shirt. So it at least proofs access to
> the connection the node is running on. That could be a simple unprivileged
> wget one-liner.
>
> It leaves room for some abuse, but does raise the bar quite a bit.
>
> If you do want to use the tor key couldn't you use it as a key for ssl
> client authentication? That would allow for further automation and you
> could be build into tor in the future.
>
> AVee
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150505/8cc8e729/attachment.html>


More information about the tor-relays mailing list