Neel,
I get the security vs usability considerations between centralized vs decentralized (or in the case of Tor semi-decentralized) networks. However, at a minimum, doesn't it make sense to exclude publishing address information from Tor metrics, etc., so as to stop giving censorship organizations a free handout? Force them to invest resources to set up distributed Tor relays to glean addresses asynchronously in the wild. As it stands, all they have to do is write a simple bot to extract the synchronously published data on a daily basis. It seems to be an inherent obstacle in design attempting to anonymize a sub-network within an established known super-network.
Thank you for your response.
Respectfully,
Gary
This Message Originated by the Sun. iBigBlue 63W Solar Array (~12 Hour Charge) + 2 x Charmast 26800mAh Power Banks = iPhone XS Max 512GB (~2 Weeks Charged)
On Thursday, December 23, 2021, 10:14:05 PM PST, Neel Chauhan neel@neelc.org wrote:
On 2021-12-22 22:42, Gary C. New via tor-relays wrote:
I know it might be a fundamental change to the Tor network, but would it be possible to obfuscate the Tor bridge/relay addresses with their respective fingerprints, similar to the I2P network? I've often thought that this aspect of the I2P network is one that is implemented well. Perhaps Directory Authorities could perform fingerprint to address resolution? I think it would be extremely beneficial if neither bridge nor relay addresses were published in the wild. It would make great strides in further buffering the Tor network from various black-listing/censorship techniques.
The thing is, while Tor itself is decentralized, the directory authorities and fallback directories are not.
For a Tor client to bootstrap, you need a list of relays to be able to connect to. And in turn you have to contact the dirauths or the fallbacks.
While you could use an I2P-style or more recently blockchain-style setup, I believe there was a reason for Tor to use centralized dirauths.
I can't seem to find the article/FAQ right now, even though I had it a few years ago. I'm guessing it's to prevent malicious dirauths, unlike how Bitcoin could get manipulated by bad actors with a decentralized authority system.
Respectfully,
Gary
-Neel