[tor-talk] Directory Server Decentralization

Sebastian G. <bastik.tor> bastik.tor at googlemail.com
Wed Jan 30 18:41:50 UTC 2013



me replying as non-tor-people, non-dev, non-crypto-expert, non-researcher.

> How far along is the Directory Server decentralization in general?

If you talk about DHT (distributed hash tables) to bootstrap rather than
fetching the consensus from a central place or a mirror... I remember
that it wasn't safe enough back at that time. I don't know if anyone is
working on it.

> How is the idea of breaking up the Tor relay list into smaller groups to
> frustrate efforts to block Tor in certain countries?

If that's for the relay list, probably not so useful. Censors could
still put them back together. Every client has to know about the
network. All an attacker would have to do is run a client and block
every IP:PORT it finds in the consensus.

And the list of relays is available. Projects of the Tor Project show
currently running relays.

If that's for unlisted relays aka bridges, it exists to some degree. The
pool of bridges is split and different addresses are given out via
email, website and manually.

> Has anyone broached the idea of more isolated Bridge communities with
> their own independent directories, yet?

If I'm not mistaking Torservers.net operates bridges that don't publish
themselves to the BridgeDB.

> What about the idea of being able to easily create custom "spins" of the
> Tor Browser Bundle for use over private VPN networks or special private
> bridge relay networks?

The are bundles containing obfsproxy and flash proxy to work around

It separates the user base. It is also a malware problem. I haven't seen
such bundle, but they seem to exist. People seem to find it a good idea
to repack the bundle with some nasty stuff. Therefore users have to
trust those creating these "spins".

> What about the ability to run Tor "Gateways" which act as a gateway
> between private bridge communities and the relays they use there, and
> the public global relay network?

Please have a look at flash proxy [1], it goes in that direction with
ticket 7944 [2]

> Thank you for your time, and I appreciate any feedback on any of these
> ideas.

Thank you for your time as well. Thank you for thinking about how to
improve/change things.

Sebastian (bastik_tor)

[1] http://crypto.stanford.edu/flashproxy/
[2] https://trac.torproject.org/projects/tor/ticket/7944

More information about the tor-talk mailing list