Diffstat (limited to 'doc')
-rw-r--r-- | doc/spec/proposals/125-bridges.txt | 35 |
1 files changed, 13 insertions, 22 deletions
diff --git a/doc/spec/proposals/125-bridges.txt b/doc/spec/proposals/125-bridges.txt index 9601de4e1e..a0d51f3fe3 100644 --- a/doc/spec/proposals/125-bridges.txt +++ b/doc/spec/proposals/125-bridges.txt @@ -24,11 +24,13 @@ Status: Open 1.1. PublishServerDescriptor To configure your relay to be a bridge relay, just add + BridgeRelay 1 PublishServerDescriptor bridge to your torrc. This will cause your relay to publish its descriptor to the bridge authorities rather than to the default authorities. Alternatively, you can say + BridgeRelay 1 PublishServerDescriptor 0 which will cause your relay to not publish anywhere. This could be useful for private bridges. 
@@ -40,28 +42,17 @@ Status: Open can supply their bridge users with cached copies of all the various Tor network information. - Right now (0.2.0.11-alpha) we require that bridges turn their DirPort on - -- which means both that we answer BEGIN_DIR requests and that we fetch - and cache directory information in an aggressive way like other servers. - - But: - a) we don't enforce that DirPort is on, since it's not clear how to - detect if the user meant to be a bridge. So it's easy to set up a bridge - relay that silently refuses BEGIN_DIR requests and is thus useless. - b) We don't actually care if they have an open or reachable DirPort. So - at some point we should separate having an open DirPort from answering - directory questions. Which leads to: - c) We need to investigate if there are any anonymity worries with - answering BEGIN_DIR requests when our DirPort is off. If there aren't, - we should drop the DirPort requirement. - - I claim that we don't open any new attacks by answering BEGIN_DIR - questions when DirPort is off: it's still a fine question to ask what - partitioning attacks there are when you can query a Tor client about - its current directory opinions, but these attacks already exist when - DirPort is on. - - We need to answer this issue in 0.2.0.x. + As for Tor 0.2.0.13-alpha, bridges will answer begin_dir questions + (and cache dir info they see so the answers will be more useful) + whether their DirPort is enabled or not. (After all, we don't care if + they have an open or reachable DirPort to answer begin_dir questions.) + + We need to investigate if there are any anonymity worries with answering + BEGIN_DIR requests when our DirPort is off. I claim that we don't open + any new attacks: it's still a fine question to ask what partitioning + attacks there are when you can query a Tor client about its current + directory opinions, but these attacks already exist when DirPort is on. + We should investigate this in 0.2.1.x. 1.3. Exit policy |
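Review bot: In the first hunk (section 1.1), the two added "BridgeRelay 1" lines are not explained by the surrounding text. The prose still reads "just add ... to your torrc" and attributes the publishing behaviour to the block as a whole, and the section heading is still "1.1. PublishServerDescriptor". Suggest adding one sentence saying what BridgeRelay 1 does on its own and why it is needed alongside "PublishServerDescriptor bridge" and "PublishServerDescriptor 0", so that an operator of a private bridge knows the option is required even when nothing is published.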
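Review bot: In the second hunk, the new text states that bridges answer begin_dir questions regardless of DirPort as of 0.2.0.13-alpha, while the anonymity investigation moves from "We need to answer this issue in 0.2.0.x" to "We should investigate this in 0.2.1.x", so the behaviour ships before the partitioning question is examined. Suggest marking this explicitly as an open issue in the spec rather than relying on "I claim that we don't open any new attacks", and stating whether answering is conditioned on BridgeRelay 1, since the removed item (a) about not being able to detect that the user meant to be a bridge is dropped without a replacement. Two wording nits in the added lines: "As for Tor 0.2.0.13-alpha" reads as if "As of" was intended, and the new paragraph mixes "begin_dir" with "BEGIN_DIR".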