After looking at lots of malicious relay data of the past few months I've come to the conclusion that exit relays without ContactInfo are largely run by malicious actors.
I propose to make torrc's ContactInfo mandatory for exit relays with the
following timeline:
* tor 0.4.6: log a warning that tor will require ContactInfo to be set on an
exit relays starting with tor v0.4.7
* tor 0.4.7: no longer assign the exit flag to relays not having a ContactInfo
(< 5 chars) in their descriptor.
Log a warning for relay operators,
I'll add graphs that show exit fraction provided by exit relays without
ContactInfo over time
to OrNetStats.
Is this an effective remedy to deter malicious actors?
No and it is not meant to be one. It is trivial to set a random non-empty
ContactInfo,
only in combination with other countermeasures it becomes actually useful.
ContactInfo is also mentioned in this draft:
https://gitlab.torproject.org/tpo/community/team/-/wikis/Expectations-for-Relay-Operators
I'll make it easy for Tor Browser users to exclude exit relays without
ContactInfo from their configuration.
This might makes the proposal irrelevant should the release alone result in
exits getting non-empty ContactInfos.
More details will follow soon.
kind regards,
nusenu
--
https://nusenu.github.io
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
