Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f56529b4b2
Branches Tags
tor
/
doc
/
spec
/
proposals
/
128-bridge-families.txt

128-bridge-families.txt 2.4 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. Filename: 128-bridge-families.txt
    2. 

  2. Title: Families of private bridges
    3. 

  3. Author: Roger Dingledine
    4. 

  4. Created: 2007-12-xx
    5. 

  5. Status: Dead
    6. 

  6. 

  7. 1. Overview
    8. 

  8. 

  9.   Proposal 125 introduced the basic notion of how bridge authorities,
    10. 

  10.   bridge relays, and bridge users should behave. But it doesn't get into
    11. 

  11.   the various mechanisms of how to distribute bridge relay addresses to
    12. 

  12.   bridge users.
    13. 

  13. 

  14.   One of the mechanisms we have in mind is called 'families of bridges'.
    15. 

  15.   If a bridge user knows about only one private bridge, and that bridge
    16. 

  16.   shuts off for the night or gets a new dynamic IP address, the bridge
    17. 

  17.   user is out of luck and needs to re-bootstrap manually or wait and
    18. 

  18.   hope it comes back. On the other hand, if the bridge user knows about
    19. 

  19.   a family of bridges, then as long as one of those bridges is still
    20. 

  20.   reachable his Tor client can automatically  learn about where the
    21. 

  21.   other bridges have gone.
    22. 

  22. 

  23.   So in this design, a single volunteer could run multiple coordinated
    24. 

  24.   bridges, or a group of volunteers could each run a bridge. We abstract
    25. 

  25.   out the details of how these volunteers find each other and decide to
    26. 

  26.   set up a family.
    27. 

  27. 

  28. 2. Other notes.
    29. 

  29. 

  30.   somebody needs to run a bridge authority
    31. 

  31. 

  32.   it needs to have a torrc option to publish networkstatuses of its bridges
    33. 

  33. 

  34.   it should also do reachability testing just of those bridges
    35. 

  35. 

  36.   people ask for the bridge networkstatus by asking for a url that
    37. 

  37.   contains a password. (it's safe to do this because of begin_dir.)
    38. 

  38. 

  39.   so the bridge users need to know a) a password, and b) a bridge
    40. 

  40.   authority line.
    41. 

  41. 

  42.   the bridge users need to know the bridge authority line.
    43. 

  43. 

  44.   the bridge authority needs to know the password.
    45. 

  45. 

  46. 3. Current state
    47. 

  47. 

  48.   I implemented a BridgePassword config option. Bridge authorities
    49. 

  49.   should set it, and users who want to use those bridge authorities
    50. 

  50.   should set it.
    51. 

  51. 

  52.   Now there is a new directory URL "/tor/networkstatus-bridges" that
    53. 

  53.   directory mirrors serve if BridgeAuthoritativeDir is set and it's a
    54. 

  54.   begin_dir connection. It looks for the header
    55. 

  55.     Authorization: Basic %s
    56. 

  56.   where %s is the base-64 bridge password.
    57. 

  57. 

  58.   I never got around to teaching clients how to set the header though,
    59. 

  59.   so it may or may not, and may or may not do what we ultimate want.
    60. 

  60. 

  61.   I've marked this proposal dead; it really never should have left the
    62. 

  62.   ideas/ directory. Somebody should pick it up sometime and finish the
    63. 

  63.   design and implementation.
    64. 

  64.