Hi,
I see the Authority Nodes are located only in North America and Europe. I would like to contribute to the TOR network as much as possible. I am currently running a node and I would like to make it an Authority Node as well. I am from Brazil and I believe it would possibly be a good idea to have a new Authority Node in South America. What are the requirements? What should I do to become one of them? FYI, the node I am running is 79DFB0E1D79D1306AF03A4B094C55A576989ABD1
Thanks, Vitor Milagres
I see the Authority Nodes are located only in North America and Europe. I would like to contribute to the TOR network as much as possible. I am currently running a node and I would like to make it an Authority Node as well. I am from Brazil and I believe it would possibly be a good idea to have a new Authority Node in South America. What are the requirements? What should I do to become one of them? FYI, the node I am running is 79DFB0E1D79D1306AF03A4B094C55A576989ABD1
Hello and thanks for running the exit node,
If you mean the authorities like moria1, tor26 and so on, this is unfortunately the part where we must put our trust in flesh machines instead of clean algorithms. Therefore operators of those servers are not just random people, who run nodes like you or me.
I don’t know the exact selection process, but what I know is that knowing the operator in person for a long time is one of the prerequisities. That explains why authorities are located only in North America and Europe. Another factor, but this is only my guess, may be that the state must be perceived as relatively safe and non-interfering in hidden, muddy or plainly illegal ways. This is why I would myself be against running such an authority in my own country. But this is all I can tell or guess.
Cheers
On Fri, Jun 19, 2020 at 07:10:43AM -0300, Vitor Milagres wrote:
I see the Authority Nodes are located only in North America and Europe. I would like to contribute to the TOR network as much as possible. I am currently running a node and I would like to make it an Authority Node as well. I am from Brazil and I believe it would possibly be a good idea to have a new Authority Node in South America. What are the requirements? What should I do to become one of them? FYI, the node I am running is 79DFB0E1D79D1306AF03A4B094C55A576989ABD1
Thanks for your interest in running a directory authority! Long ago we wrote up a set of goals for new directory authorities: https://gitweb.torproject.org/torspec.git/tree/attic/authority-policy.txt
It is definitely an informal policy at this point, but it still gets across some of the requirements.
If you're able to run an exit relay at your location, that's definitely more useful than another directory authority at this point.
Also, because we haven't automated some steps, each new directory authority that we add means additional coordination complexity, especially when we identify misbehaving relays and need to bump them out of the network quickly.
Here are two big changes since that document:
(1) The directory authorities periodically find themselves needing to scale to quite large bandwidths -- sustaining 200mbit at a minimum, and being able to burst to 400mbit or 500mbit, is pretty much needed at this point: https://bugs.torproject.org/33018
(2) Tor ships with hundreds of hard-coded relays called Fallback Directories, which distribute the load for bootstrapping into the Tor network, and which also provide alternate access points if the main directory authorities are blocked. https://trac.torproject.org/projects/tor/wiki/doc/FallbackDirectoryMirrors So while the directory authorities are still a trust bottleneck, they are less of a performance bottleneck than they used to be.
In summary: if you want to run a directory authority, your next step is to join the Tor community, get to know us and get us to know you, come to one of the dev meetings (once the world is able to travel again), and see where things go from there.
Thanks, --Roger
I cant find any “no rabbit rule” in this. So I am eligible?
On 20. Jun 2020, at 11:59, Roger Dingledine arma@torproject.org wrote:
On Fri, Jun 19, 2020 at 07:10:43AM -0300, Vitor Milagres wrote:
I see the Authority Nodes are located only in North America and Europe. I would like to contribute to the TOR network as much as possible. I am currently running a node and I would like to make it an Authority Node as well. I am from Brazil and I believe it would possibly be a good idea to have a new Authority Node in South America. What are the requirements? What should I do to become one of them? FYI, the node I am running is 79DFB0E1D79D1306AF03A4B094C55A576989ABD1
Thanks for your interest in running a directory authority! Long ago we wrote up a set of goals for new directory authorities: https://gitweb.torproject.org/torspec.git/tree/attic/authority-policy.txt
It is definitely an informal policy at this point, but it still gets across some of the requirements.
If you're able to run an exit relay at your location, that's definitely more useful than another directory authority at this point.
Also, because we haven't automated some steps, each new directory authority that we add means additional coordination complexity, especially when we identify misbehaving relays and need to bump them out of the network quickly.
Here are two big changes since that document:
(1) The directory authorities periodically find themselves needing to scale to quite large bandwidths -- sustaining 200mbit at a minimum, and being able to burst to 400mbit or 500mbit, is pretty much needed at this point: https://bugs.torproject.org/33018
(2) Tor ships with hundreds of hard-coded relays called Fallback Directories, which distribute the load for bootstrapping into the Tor network, and which also provide alternate access points if the main directory authorities are blocked. https://trac.torproject.org/projects/tor/wiki/doc/FallbackDirectoryMirrors So while the directory authorities are still a trust bottleneck, they are less of a performance bottleneck than they used to be.
In summary: if you want to run a directory authority, your next step is to join the Tor community, get to know us and get us to know you, come to one of the dev meetings (once the world is able to travel again), and see where things go from there.
Thanks, --Roger
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi Roger,
what do we have to do to Opt-In as a Fallback Directory?
Am 20.06.2020 um 13:00 schrieb niftybunny:
I would assume that operators running relays in an end-to-end correlation position [1] due to incomplete MyFamily configuration are not considered eligible to run a directory authority.
[1] https://nusenu.github.io/OrNetStats/endtoend-correlation-groups
It is probably a good thing to separate exit relay operations from directory authority operations, we don't want to end up in a situation were a dir auth become the collateral damage of an exit relay raid.
I'm not sure if we even need more directory authorities at this point.
On 22. Jun 2020, at 22:28, nusenu nusenu-lists@riseup.net wrote:
I would assume that operators running relays in an end-to-end correlation position [1] due to incomplete MyFamily configuration are not considered eligible to run a directory authority.
Fair enough. I fucked it up.
nifty
Am Mo., 22. Juni 2020 um 22:28 Uhr schrieb nusenu nusenu-lists@riseup.net:
I would assume that operators running relays in an end-to-end correlation position [1] due to incomplete MyFamily configuration are not considered eligible to run a directory authority.
[1] https://nusenu.github.io/OrNetStats/endtoend-correlation-groups
I just would like to remember that your list is not as useful as you think it is.
I have an exit for some time now which i intentionally don't list in my family because for reasons no one needs to know i don't want to be associated with it (no i don't do traffic correlations attacks with it and i don't harm the network or its users in any way).
I think this is a very good reason to not use the MyFamily option and anyway some of the attacks teor pointed out can get mitigated when it's not visible that the operator is the same one.
Technically your list should list it but it doesn't because just changing the contact info and name is enough to not get recognized.
And when it's about trust i would rather trust someone who fails to include the (partially) useless and painful implemented MyFamily option then someone who builds a list which is easy to fool and not solving its purpose but annoying honest operators.
Just saying.
Cheers
This is really getting OT but anyway … nusenu is correct and 100% in the right with his lovably passiv aggressiv comment.
My fault, I fucked it up to set the family on the domflow server correct. With this virus thingy going on lots of lots of other stress I forgot but I am happy to know that we have a person who cares about the network.
Right now we have implemented the DDOS protection Teor gave me and as far as I can tell it works. No more daily DDOS for me.
I will fix the family with the next planed downtime, turns out half of a terabyte ram is not enough, ram was ordered, as soon as it arrives we will install it and reboot all servers with the new family config.
sorry about all the troubles.
nifty
On 24. Jun 2020, at 12:50, Michael Gerstacker michael.gerstacker@googlemail.com wrote:
Am Mo., 22. Juni 2020 um 22:28 Uhr schrieb nusenu <nusenu-lists@riseup.net mailto:nusenu-lists@riseup.net>: I would assume that operators running relays in an end-to-end correlation position [1] due to incomplete MyFamily configuration are not considered eligible to run a directory authority.
[1] https://nusenu.github.io/OrNetStats/endtoend-correlation-groups https://nusenu.github.io/OrNetStats/endtoend-correlation-groups
I just would like to remember that your list is not as useful as you think it is.
I have an exit for some time now which i intentionally don't list in my family because for reasons no one needs to know i don't want to be associated with it (no i don't do traffic correlations attacks with it and i don't harm the network or its users in any way).
I think this is a very good reason to not use the MyFamily option and anyway some of the attacks teor pointed out can get mitigated when it's not visible that the operator is the same one.
Technically your list should list it but it doesn't because just changing the contact info and name is enough to not get recognized.
And when it's about trust i would rather trust someone who fails to include the (partially) useless and painful implemented MyFamily option then someone who builds a list which is easy to fool and not solving its purpose but annoying honest operators.
Just saying.
Cheers _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
LOL this requirement: - Should be run by somebody that Tor (i.e. Roger) knows.
One thing that I think would help Tor a lot and have seen some discussions on, would be a better 'trustworthy' way to measure bandwidth. I know it's measured a couple of different ways now, with 'observed' bandwidth and some testing/probing from the directory authorities, but as outlined in your e-mail adding more directory authorities is a tedious process at best, so is there a way that something could be set up where Tor maintainers could put a flag manually on a relay to indicate that it can and should, initiate bandwidth tests and report them back to the actual authorities?
Matt Westfall President & CIO ECAN Solutions, Inc. Everything Computers and Networks 804.592.1672 http://ecansol.com
On Sat, Jun 20, 2020 at 5:59 AM Roger Dingledine arma@torproject.org wrote:
On Fri, Jun 19, 2020 at 07:10:43AM -0300, Vitor Milagres wrote:
I see the Authority Nodes are located only in North America and Europe. I would like to contribute to the TOR network as much as possible. I am currently running a node and I would like to make it an Authority Node as well. I am from Brazil and I believe it would possibly be a good idea to have a new Authority Node in South America. What are the requirements? What should I do to become one of them? FYI, the node I am running is 79DFB0E1D79D1306AF03A4B094C55A576989ABD1
Thanks for your interest in running a directory authority! Long ago we wrote up a set of goals for new directory authorities: https://gitweb.torproject.org/torspec.git/tree/attic/authority-policy.txt
It is definitely an informal policy at this point, but it still gets across some of the requirements.
If you're able to run an exit relay at your location, that's definitely more useful than another directory authority at this point.
Also, because we haven't automated some steps, each new directory authority that we add means additional coordination complexity, especially when we identify misbehaving relays and need to bump them out of the network quickly.
Here are two big changes since that document:
(1) The directory authorities periodically find themselves needing to scale to quite large bandwidths -- sustaining 200mbit at a minimum, and being able to burst to 400mbit or 500mbit, is pretty much needed at this point: https://bugs.torproject.org/33018
(2) Tor ships with hundreds of hard-coded relays called Fallback Directories, which distribute the load for bootstrapping into the Tor network, and which also provide alternate access points if the main directory authorities are blocked. https://trac.torproject.org/projects/tor/wiki/doc/FallbackDirectoryMirrors So while the directory authorities are still a trust bottleneck, they are less of a performance bottleneck than they used to be.
In summary: if you want to run a directory authority, your next step is to join the Tor community, get to know us and get us to know you, come to one of the dev meetings (once the world is able to travel again), and see where things go from there.
Thanks, --Roger
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays@lists.torproject.org
-
Matt Westfall -
Michael Gerstacker -
mpan -
niftybunny -
nusenu -
Roger Dingledine -
Tor-abuse -
Vitor Milagres