Directory Server

nile at deadbox.ath.cx nile at deadbox.ath.cx
Mon Dec 18 12:59:37 UTC 2006


On Mon, Dec 18, 2006 at 07:14:21PM +0800, RMS wrote:
> Hi!
> 
> I was looking through the Tor's overview homepage and I understand for
> Tor to build a path, it must first obtain a list of Tor nodes from a
> directory server. I like to ask how can I trust the directory server
> in the first place? Can my govenment set up such a server and give me
> a list of government owned Tor nodes instead? Surely she can redirect
> all traffic (if the IP address of the Tor's directory server is
> hardcoded into the Tor client) from the Tor's directory server to her
> own server?

Yes, the directory servers are a trust bottleneck. There are currently
only a handful (6, I believe) of trusted authorities whose IP addresses
are hard-coded into the Tor source code. While a well-funded attacker
can create a large amount of Tor nodes, the attacker would also have to
social engineer the developers to become a directory authority.

I think 2 of the directory authorities are run by Roger, one of the lead
Tor developers. If you don't trust him, you probably shouldn't be using
his software ;).

Sorry about the fuzzy numbers, hoped that helps regardless,
Nile


-- 
 .''`. | This Sig Kills Fascists!
: :' : |  http://deadbox.ath.cx
`. `'
  `-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20061218/55cc6276/attachment.pgp>


More information about the tor-talk mailing list