|
@@ -0,0 +1,54 @@
|
|
|
|
|
+Filename: xxx-autonaming.txt
|
|
|
|
|
+Title: Naming authorities automatically create bindings
|
|
|
|
|
+Version: $Revision$
|
|
|
|
|
+Last-Modified: $Date$
|
|
|
|
|
+Author: Peter Palfrader
|
|
|
|
|
+Created: 2007-10-11
|
|
|
|
|
+Status: Open
|
|
|
|
|
+
|
|
|
|
|
+Overview:
|
|
|
|
|
+
|
|
|
|
|
+ Tor's directory authorities can give certain servers a "Named" flag
|
|
|
|
|
+ in the network-status entry, when they want to bind that nickname to
|
|
|
|
|
+ that identity key. This allows clients to specify a nickname rather
|
|
|
|
|
+ than an identity fingerprint and still be certain they're getting the
|
|
|
|
|
+ "right" server.
|
|
|
|
|
+
|
|
|
|
|
+ Authority operators name a server by adding their nickname and
|
|
|
|
|
+ identity fingerprint to the 'approved-routers' file. Historically
|
|
|
|
|
+ being listed in the file was required for a router, at first for being
|
|
|
|
|
+ listed in the directory at all, and later in order to be used by
|
|
|
|
|
+ clients as a first or last hop of a circuit.
|
|
|
|
|
+
|
|
|
|
|
+ Adding identities to the list of named routers so far has been a
|
|
|
|
|
+ manual, time consuming, and boring job. Given that and the fact that
|
|
|
|
|
+ the Tor network works just fine without named routers the last
|
|
|
|
|
+ authority to keep a current binding list stopped updating it well over
|
|
|
|
|
+ half a year ago.
|
|
|
|
|
+
|
|
|
|
|
+ Naming, if it were done, would serve a useful purpose however in that
|
|
|
|
|
+ users can have a reasonable expectation that the exit server Bob they
|
|
|
|
|
+ are using in their http://www.google.com.bob.exit/ URL is the same
|
|
|
|
|
+ Bob every time.
|
|
|
|
|
+
|
|
|
|
|
+Proposal:
|
|
|
|
|
+ I propose that identity<->name binding be completely automated:
|
|
|
|
|
+
|
|
|
|
|
+ New bindings should be added after the router has been around for a
|
|
|
|
|
+ bit and their name has not been used by other routers, similarly names
|
|
|
|
|
+ that have not appeared on the network for a long time should be freed
|
|
|
|
|
+ in case a new router wants to use it.
|
|
|
|
|
+
|
|
|
|
|
+ The following rules are suggested:
|
|
|
|
|
+ i) If a named router has not been online for half a year, the
|
|
|
|
|
+ identity<->name binding for that name is removed. The nickname
|
|
|
|
|
+ is free to be taken by other routers now.
|
|
|
|
|
+ ii) If a router claims a certain nickname and
|
|
|
|
|
+ a) has been on the network for at least two weeks, and
|
|
|
|
|
+ b) that nickname is not yet linked to a different router, and
|
|
|
|
|
+ c) no other router has wanted that nickname in the last month,
|
|
|
|
|
+ a new binding should be created for this router and its desired
|
|
|
|
|
+ nickname.
|
|
|
|
|
+
|
|
|
|
|
+ This automaton does not necessarily need to live in the Tor code, it
|
|
|
|
|
+ can do its job just as well when it's an external tool.
|
Nick Mathewson