#29448: Provide a dir-spec implementation that serves sanitised descriptors ----------------------------------+----------------------------------- Reporter: irl | Owner: sysrqb Type: project | Status: needs_information Priority: Low | Milestone: Component: Obfuscation/BridgeDB | Version: Severity: Normal | Resolution: Keywords: | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: ----------------------------------+-----------------------------------
Comment (by irl): Is it currently possible for someone to operate their own CollecTor instance and archive bridge descriptors? The answer is no unless they are syncing from our CollecTor instance. We have access to bridge IPs, which is sensitive information, regardless of whether or not we publish that information. This is a violation of not handling sensitive information. > So, the goal here is basically to extract the sanitizing code from CollecTor and put it on the BridgeDB host, probably rewritten in a different language. Right? Yes. > However, I can also see the downsides: code complexity of BridgeDB will suddenly increase, and whoever runs BridgeDB has one more complex thing to take care of. We do get the benefit that we no longer have to handle bridge IPs and things are more reproducible. It is also easier for people to run testing BridgeDBs with a testing CollecTor instance. It is also easier for people to run their own production BridgeDBs that we can see statistics of (which is a goal that has been previously discussed, to reduce reliance on the single BridgeDB instance and allow orgs to set up their own). -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29448#comment:2> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs