[tor-relays] FamilyGenerator: Tor MyFamily Generator
nusenu
nusenu-lists at riseup.net
Sun Jul 22 16:01:00 UTC 2018
>> - you run your own AS and all servers in that AS are under your control (parameter: as)
>> https://metrics.torproject.org/onionoo.html#parameters_as
>
> This effectively puts MaxMind in charge of MyFamily.
good point and I guess there is only a handful of operators with their
own AS anyway
>> - all your relays are under your own DNS domain and only you can generate DNS A records for that domain
>> and [1] is implemented
>> (note: these onionoo fields appear currently somewhat broken)
>
> There is no attempt currently to perform any DNSSEC or other validation.
I was about to make a ticket for that when I wrote the last mail,
since using a DNSSEC validating resolver should not be a whole lot of effort.
https://trac.torproject.org/projects/tor/ticket/26901
> Onionoo is useful for many things, but I don't think this is one of
> them. Instead, you can use Ansible/Salt/Puppet/whatever to configure
> MyFamily and there are plenty of ways out there to do this.
+1
nonetheless I find it positive that Neel now finally has a (proper?) MyFamily
config probably because of this non-perfect way of collecting FPs.
I still hope no one is using onionoo query results to alter their config *automatically*
--
https://twitter.com/nusenu_
https://mastodon.social/@nusenu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180722/cad431d4/attachment.sig>
More information about the tor-relays
mailing list