Wed May 24 14:03:58 UTC 2017

#22363: Make our test network public
     Reporter:  dgoulet
         Type:  enhancement     |     Status:  new
     Priority:  Medium
    Component:  Core Tor/Tor  |    Version:
     Keywords:  test-network
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
 It would be really great if we could have our test network public so
 people can join it to help and other projects could use its data openly.

 However, by doing so right now, the network can basically become a "Tor 2"
 or have the issue that any tor from the current network could use the
 nodes in the test network without it being in the consensus. This is
 problematic since operators signing up for the test network should not be
 receiving legitimate traffic or their Exit being used for regular traffic
 which is bad.

 Here are some ideas we can play around with:

 1) Make relay in the test network advertise that they are for "Testing" in
 their descriptor and then making the dirauth ignore that line for the real
 network consensus which would make a normal tor ignore them. However, it
 doesn't protect against a modified tor that just ignore that line in the
 descriptor and end up picking the nodes.

 2) Provide a firewall script for the Exit node operator that blocks all
 outbound connections except maybe one localhost service that could be
 setup for testing the actual Exit circuit. This is also partial because
 hidden service.

 3) Make the test network *not* connect to unknown relays but I'm not to
 sympathetic to this fix as it makes the test network behave differently
 from the real one.

 4) Do NOT make the test network public and just scrubs the data for
 IP/Port so we can put that data openly but the network stays private.

 5) ... ?

