[tor-dev] shipping with fallbackdir sources

teor teor2345 at gmail.com
Tue Apr 28 19:46:24 UTC 2015


> 
> Date: Fri, 17 Apr 2015 18:56:01 +0200
> From: Peter Palfrader <weasel at torproject.org>
> 
> Hi,
> 
> so, Tor has included a feature to fetch the initial consensus from nodes
> other than the authorities for a while now.  We just haven't shipped a
> list of alternate locations for clients to go to yet.
> 
> Reasons why we might want to ship tor with a list of additional places
> where clients can find the consensus is that it makes authority
> reachability and BW less important.
> 
> At the last Tor dev meeting we came up with a list of arbitrary
> requirements that nodes should meet to be included in this list.
> 
> We want them to have been around and using their current key, address,
> and port for a while now (120 days), and have been running, a guard, and
> a v2 directory mirror for most of that time.
> 
> I have written a script to come up with a list of notes that match our
> criteria.  It's currently at
> https://www.palfrader.org/volatile/fallback-dir/get-fallback-dir-candidates
> 
> It currently produces
> https://www.palfrader.org/volatile/2015-04-17-VjBkc8DWV8c/list
> 
> Discuss :)

Peter, your list only includes the IPv4 addresses of the directories.
Can you include the IPv6 addresses as well, like:
https://trac.torproject.org/projects/tor/ticket/8374#comment:8

If we can get a list we're happy with, I propose we distribute them in a similar fashion to the geoip file, a flat file provided with the distribution. This would require a torrc option for the location of the file.

(I don't think signing the file has a specific threat model: the list of directory authorities themselves could almost as easily be modified in the code before a build.)

Do we need to contact the operator of each directory mirror for permission?

teor

teor2345 at gmail dot com
pgp 0xABFED1AC
https://gist.github.com/teor2345/d033b8ce0a99adbc89c5

teor at blah dot im
OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150429/35e51610/attachment.sig>


More information about the tor-dev mailing list