jurisdictional concentration of authorities

Roger Dingledine arma at mit.edu
Mon Jun 22 05:22:30 UTC 2009


On Sun, Jun 21, 2009 at 09:43:51PM -0500, Scott Bennett wrote:
>      Perhaps it may be time to revisit an old discussion here with the
> developers.  At present, just seven directory authorities are listed in the
> directory.

Actually, only five v3 authorities are up right now. The sixth
(dannenberg) appears down.

The others you're seeing are moria2 (v1 and v2 authority, but not v3),
and Tonga (bridge authority).

>  Three of these fall within the jurisdiction of the United States,
> and the remainder fall within the jurisdiction of the European Union.

Yep. Of the current 6 v3 authorities, there are:
moria1 (US)
ides (US)
tor26 (Austria)
gabelmoo (Germany)
dizum (Netherlands)
dannenberg (Germany)

We're planning to add a seventh soon (lostinthenoise, US). But it's
currently a real pain to add an authority; see proposal 165 for details.

See also
https://git.torproject.org/checkout/tor/master/doc/contrib/authority-policy.txt
for more discussion.

>  This
> situation presents a substantial vulnerability to the tor network, IMO,
> given the degree of cooperation between the two jurisdictions, not to mention
> the arrangements among the EU's member states and the U.S.

A coordinated DoS of 4 of them might be conceivable. If it happens,
we'll learn from that and adapt.

Installing backdoors on 4 of them and then keeping them up seems much
harder.

>      Are we now at an appropriate stage such that the developers could
> entertain the idea of discreetly soliciting a few more potential authority
> sites and operators in other jurisdictions?  I submit, for example, that
> Brazil, Japan, and probably the Union of South Africa may have adequately
> fast and reliable Internet infrastructures that such sites might be available
> in those jurisdictions.

We're happy to add more authorities, once we get proposal 165 in. We
totally should.

The limiting factor in these countries you name is trustworthy dedicated
competent humans who also have good Internet providers. Without actual
people we know and trust, it doesn't really seem like a good move.

--Roger


