Policy for new Tor dirservers

Roger Dingledine arma at mit.edu
Thu Mar 23 00:22:22 UTC 2006


On Tue, Mar 21, 2006 at 01:01:51AM -0500, Roger Dingledine wrote:
> - Must be a low-downtime Tor server (computer as well as network).
> - Must have a static IP.
> - Must have been a stable Tor server for at least 3 months.
> - Must intend to stick around for the next 12 months or more.
> - Must be available to upgrade within a day or so in most cases.
>   (While we're still developing Tor, we periodically find bugs that
>   impact the whole network and require dirserver upgrades.)
> - Must have sufficient bandwidth: 200 kB/s symmetric.
> - Must promise not to censor or attack the network and users.
> - If somebody asks you to backdoor or change your server, legally or
>   otherwise, you will fight it to the extent of your abilities.
> - Should be run by somebody that Tor (i.e. Roger) knows.
> - Should be widely regarded as fair/trustworthy, or at least
>   known, by many people.
> - Dirservers (and operators) in a variety of jurisdictions are best.

Here are two more than have been suggested to me:

  - Auth dirservers must not hibernate.
  - An addendum to the "if somebody asks you to backdoor your server"
    above: if you fail to fight it, you must shut down the Tor server
    and notify us that you have.

--Roger



More information about the tor-dev mailing list