On Sat, Jun 21, 2008 at 09:13:02PM -0700, Luis Maceira wrote: > The question: can I use the FQDN or IP preferably, > instead of nicknames,in torrc entrynodes,exclude > nodes,exitnodes options?I have read something > lately about the functioning of the Tor system, > and it seems the directory servers/client initial > dialog to determine the running nodes is protected > by strong authentication,but when I access > a listing of running nodes(by country,etc.) > using https://stat.xenobite.eu(for example) with a > webbrowser,how do I have assurance that the > nicknames correspond to the real IP address?
Nicknames are not guaranteed to be unique. You can use the router fingerprint instead, wherever it says to specify a nickname in the torrc manual. https://www.torproject.org/svn/trunk/doc/spec/dir-spec.txt " 2.3. Nonterminals in router descriptors nickname ::= between 1 and 19 alphanumeric characters ([A-Za-z0-9]), case-insensitive. hexdigest ::= a '$', followed by 40 hexadecimal characters ([A-Fa-f0-9]). [Represents a server by the digest of its identity key.] " > Does Tor check based on the strong authenticated > listing received upon initial dialog with the > directory servers the authenticity of the pairs > nicknames/computers we could set up in exitnodes etc. > of torrc? The above cited document describes in section 3.3 how nickname-to-identity-key mappings are maintained and how the Named flag could be conferred upon your router.
