On 21.07.2016 17:36, Marina Brown wrote:
Maybe i am out of line for suggesting this but i will suggest anyway. Might i suggest that the next bridge authority be hosted on tor inc ip space and perhaps be 2 hosts instead of one.
It looks like this was a single point of failure. It would be easy enough to have a volunteer bgp announce a specific ip address. If they decided to drop out then it would not cause this type of consternation in the future. Having more than one bridge auth has obvious benefits.
While hijacking the bridge authority does not directly and immediately harm the Tor network, and an evil BGP entry could most probably not be upheld for more than 24h worst-case, I still support the idea of introducing more authority nodes than just a single one.
But then again, I don't have much knowledge about the related source code either.