[tor-relays] FamilyGenerator: Tor MyFamily Generator

nusenu nusenu-lists at riseup.net
Sun Jul 22 16:01:00 UTC 2018

>> - you run your own AS and all servers in that AS are under your control (parameter: as)
>> https://metrics.torproject.org/onionoo.html#parameters_as
> This effectively puts MaxMind in charge of MyFamily.

good point and I guess there is only a handful of operators with their 
own AS anyway

>> - all your relays are under your own DNS domain and only you can generate DNS A records for that domain
>> and [1] is implemented
>> (note: these onionoo fields appear currently somewhat broken)
> There is no attempt currently to perform any DNSSEC or other validation.

I was about to make a ticket for that when I wrote the last mail, 
since using a DNSSEC validating resolver should not be a whole lot of effort.


> Onionoo is useful for many things, but I don't think this is one of
> them. Instead, you can use Ansible/Salt/Puppet/whatever to configure
> MyFamily and there are plenty of ways out there to do this.


nonetheless I find it positive that Neel now finally has a (proper?) MyFamily
config probably because of this non-perfect way of collecting FPs.

I still hope no one is using onionoo query results to alter their config *automatically*


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180722/cad431d4/attachment.sig>

More information about the tor-relays mailing list