[tor-talk] New release candidate: Tor 0.4.5.4-rc

Roman Mamedov rm at romanrm.net
Fri Jan 22 17:31:45 UTC 2021


On Fri, 22 Jan 2021 12:02:50 -0500
Nick Mathewson <nickm at torproject.org> wrote:

>   o Major bugfixes (authority, IPv6):
>     - Do not consider multiple relays in the same IPv6 /64 network to be
>       sybils. Fixes bug 40243; bugfix on 0.4.5.1-alpha.

Each /64 should be treated as an equivalent to 1 address in the IPv4 world, so
it seems to me that the original code was correct.

Any home user gets at least one /64 from their ISP [1]. It is not the minimum
routable block on the internet (as per the bug report [2]); the minimum is actually
a /48. But it is the minimum block that is usable on a LAN with SLAAC
auto-configuration, and as such is the minimum block any ISP will provide to a
home broadband subscriber.

Some server hosts do put multiple distinct users within the same /64 -- but
they are wrong in doing that; there should be no pampering to that practice.

I suggest carefully reconsidering whether giving a free pass to run any number
of relays from a single /64, which are in most cases controlled entirely by a
single user, and then relying on path selection to limit the damage, is not
weakening the security model too much just to accommodate a few bad
webhosts.

[1] https://www.ripe.net/publications/docs/ripe-690/

[2] https://gitlab.torproject.org/tpo/core/tor/-/issues/40243

-- 
With respect,
Roman
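
An added illustration, not part of the original message and not Tor's own code, of the two counting policies at issue: grouping IPv6 relays per /64 versus per full address. The relay list, the `max_per_key` limit and the function names are constructed for this example.

```python
import ipaddress
from collections import defaultdict

# Constructed sample relays (nickname, address), using documentation prefixes only.
RELAYS = [
    ("relayA", "192.0.2.10"),
    ("relayB", "192.0.2.10"),
    ("relayH", "192.0.2.10"),
    ("relayC", "192.0.2.11"),
    ("relayD", "2001:db8:1:2::1"),
    ("relayE", "2001:db8:1:2:aaaa:bbbb:cccc:dddd"),
    ("relayF", "2001:0db8:0001:0002:0000:0000:0000:0003"),  # same /64, uncompressed form
    ("relayG", "2001:db8:1:3::1"),
]


def sybil_key(addr, v6_prefix=64):
    """Return the key under which a relay address is counted.

    IPv4: the full address. IPv6: the enclosing network of length v6_prefix
    (64 treats a whole /64 like one IPv4 address; 128 counts each address alone).
    """
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        return str(ip)
    return str(ipaddress.IPv6Network(f"{ip}/{v6_prefix}", strict=False))


def over_limit(relays, max_per_key, v6_prefix):
    """Group relays by sybil_key and return the groups larger than max_per_key."""
    groups = defaultdict(list)
    for nickname, addr in relays:
        groups[sybil_key(addr, v6_prefix)].append(nickname)
    return {key: names for key, names in groups.items() if len(names) > max_per_key}


if __name__ == "__main__":
    # max_per_key=2 is a hypothetical limit chosen for the example.
    for prefix in (64, 128):
        print(f"IPv6 counted per /{prefix}:")
        for key, names in over_limit(RELAYS, 2, prefix).items():
            print(f"  {key}: {', '.join(names)}")
```

With per-/64 counting the three relays in `2001:db8:1:2::/64` are flagged together; with per-address counting only the IPv4 group is.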

