[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] understanding client side enforced families ('NodeFamily' parameter)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


> I'd like to properly understand the implications of tor's
> 'NodeFamily' config option and if there is a DirAuth enforcable
> config option similar to this client side option (something I did
> not find in the man page yet).
> 
> names convention I'm using in this email
> 
> * undeclared family a confirmed (by the operator) or likely group
> of relays operated by a single entity or group
> 
> * declared family a family defined by the list of fingerprints a
> given relay publishes in the family line of its descriptor (for
> simplicity we assume there are only fingerprints and ignore
> everything else).
> 
> * effective family the overlapping list of fingerprints between
> declared family and mutually agreed relationships. The effective
> family might be smaller (in terms of element count) or equal but
> never bigger than the declared family.
> 
> * client family family defined by the list of fingerprints
> configured on a tor client via 'NodeFamily'
> 
> * real effective family the set of fingerprints considered to be in
> family after evaluating effective families and NodeFamily torrc
> config lines
> 
> 
> I assume a tor client becomes more unique as soon as he uses the 
> NodeFamily option but this "uniqueness" is expected to be hardly 
> measurable as long as NodeFamily is used reasonably (and the risks
> of using multiple relays from a given undeclared family are
> expected to be greater than this newly introduced uniqueness).
> 
> Questions
> 
> - Is it possible to (accidentally) reduce the size (by element
> count) of a real effective family by using NodeFamily or is the
> real effective family size always the bigger of size(effective
> family) and size(client family)?
> 
> Example: effective family is: A, B, C, D NodeFamily (accidentally)
> is: A, B
> 
> What is the resulting real effective family? 1) real eff. family =
> A, B, C, D or 2) 	real eff. fam1 = A, B; rea eff. fam2 = C, D;
> 
> 
> - Is it possible to (accidentally) create real effective families
> by using NodeFamily that are bigger than size(effective family) or 
> size(client family)? (That implies that client families have the
> power to link multiple families into one even though the client
> family only lists a subset of thouse.)
> 
> Example: eff. family1 = A, B, C eff. family2 = B, C, D
> 
> A and D are not in the same family, is this still true after
> setting NodeFamily: B, C or NodeFamily: A, B

Example II:
eff. family1 = X, Z
eff. family2 = W, R

Are X and R considered to be in one family after setting:
NodeFamily: W, Z

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJVcuGLAAoJEFv7XvVCELh0fUsQAKo9qVrWACNfNHu87piLOzBr
k1PE77ZTLR0nXTktpZlhpau9y04LEa0HOKNapuzJar667246VbUUkICzMWa3z7cS
hFZAQrz8Yzvfr2It8Dx2ByBRUf2j6GXzFhBFZ0b8VeMQpxWl+qh6ciMEO7KDwPJZ
ZN35tKvA/YH4+G9Tf69o5Go9Xw4x6J8p6cNbfD4T9Hhrk8W434XfcqqoVMf5cMQn
7yCrQZquG6GPtjSRaeT7Wux1mrrHOtfhPcoPA+Y2O/Dmdx4qtgkor9FK83Z6OjbI
jKzatbpLiO56OWTD6zxXSH3U6ZeMhsUtF9Mq0tYFDK7MaKYEq3QCzr1QRQKod/54
ZsPBQahd475aZHZJ2DNODjnFvyP0hamH0ZI53mnazXn+SaoWH1RE5b7aj5LVUrlR
LszSaYcROZjg5l/G3pZG5hSu5EDrPklVUz2Z1SHjIJfCswDyct+IMrO4NecYa1h2
IDY+911WNN7vfG5GQADSxDO0GZXrtZyWA8pXFZMDBQN7Sn7qMm5mYoAzb1ZhSilL
jobQeb6H52jOUY1mLx+o1cN+XZ83f28zT9FSwA9oJljI3313IZzC0067cRBB2+j/
OsHZ/qOwP6g0ZMJQaPJi7xm/WefrSPFl2xpnvanttpdlDNnfEPHWdZvmvNuebSSF
vg3eJGnWMCGFGnX3nALQ
=tfJd
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk