Opened 4 years ago

Last modified 12 days ago

#16564 assigned enhancement

Add a line to bridge descriptors specifying they're bridges?

Reported by: arma Owned by:
Priority: High Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-bridge easy intro
Cc: catalyst Actual Points:
Parent ID: Points: 1
Reviewer: Sponsor: Sponsor19-can

Description

Right now if my bridge descriptor gets uploaded to the directory authorities, poof I'm now a public relay, even if I didn't mean to be.

That's not the end of the world, since I am technically offering to be a relay already, and the only difference is that I didn't opt to publish my descriptor myself.

But still it seems like we should make the choice explicit inside the descriptor.

Child Tickets

Change History (19)

comment:1 Changed 4 years ago by arma

One implementation approach would be for BridgeRelay 1 to add a line to the descriptor, like "PublicRelay 0" or "BridgeRelay 1", and then authorities would look for this line and opt to not include such relays in their votes.

comment:2 Changed 4 years ago by arma

(This ticket might soon become tagged with SponsorR tor-hs too, since special and I are exploring the notion of exit bridges, and these futuristic exit bridges will have this same issue.)

comment:3 Changed 3 years ago by nickm

Keywords: SponsorU removed
Sponsor: SponsorU

Bulk-replace SponsorU keyword with SponsorU field.

comment:4 Changed 3 years ago by teor

Milestone: Tor: very long term

comment:5 Changed 3 years ago by isabela

Sponsor: SponsorUSponsorU-can

comment:6 Changed 3 years ago by nickm

Points: .2
Severity: Normal
Sponsor: SponsorU-can

comment:7 Changed 22 months ago by nickm

Keywords: easy intro added
Points: .2.1

comment:8 Changed 22 months ago by nickm

Milestone: Tor: very long termTor: unspecified

comment:9 Changed 21 months ago by nickm

Cc: isis added

comment:10 Changed 21 months ago by isis

Status: newneeds_information

What is the path that gets taken when the operator specifies "BridgeRelay 1" in their torrc that could lead to the descriptor being uploaded to a relay DirAuth? Is this possible?

comment:11 Changed 21 months ago by isis

Type: defectenhancement

comment:12 Changed 21 months ago by arma

A) You could do it by specifying "PublishServerDescriptor v3" if you wanted.

B) I could take your bridge descriptor and upload it to moria1. Then moria1 would include it in its v3 vote, and the other dir auths would learn about it and fetch the descriptor from moria1, and then it would be a relay.

Not the end of the world, but it seems cleaner for bridges to say what they wanted to be when they're writing it up and signing it.

comment:13 in reply to:  12 ; Changed 21 months ago by isis

Replying to arma:

A) You could do it by specifying "PublishServerDescriptor v3" if you wanted.


This one sounds like a bug?

B) I could take your bridge descriptor and upload it to moria1. Then moria1 would include it in its v3 vote, and the other dir auths would learn about it and fetch the descriptor from moria1, and then it would be a relay.


This is more convincing.

Not the end of the world, but it seems cleaner for bridges to say what they wanted to be when they're writing it up and signing it.


Yep, this makes sense and shouldn't be too hard, and I see it's already marked as a good intro ticket. :)

comment:14 Changed 21 months ago by arma

Status: needs_informationnew

comment:15 in reply to:  13 Changed 21 months ago by arma

Replying to isis:

Replying to arma:

A) You could do it by specifying "PublishServerDescriptor v3" if you wanted.


This one sounds like a bug?

That "feature" (in quotes) is around from the old days, when we were writing an overlay network and people wanted to put the pieces together as they saw fit -- you run a relay, and you publish to wherever you want to be collecting your relay descriptors.

I could see taking it out, in that "closing a door of what Tor can be" sort of way, but also I don't see any harm in leaving it in.

comment:16 Changed 21 months ago by catalyst

Cc: catalyst added

comment:17 Changed 17 months ago by isis

Owner: set to isis
Points: .11
Priority: MediumHigh
Sponsor: SponsorM
Status: newaccepted

A nicer way to do this, once #18329 is merged, would be to have the dirauths check the uploaded server descriptors for "bridge-distribution-request" lines, since all bridges will have them. I can make a patch that rejects bridges from the consensus, which we should probably be doing.

comment:18 Changed 4 months ago by gaba

Cc: isis removed
Owner: isis deleted
Status: acceptedassigned

comment:20 Changed 13 days ago by catalyst

Sponsor: SponsorMSponsor19-can
Note: See TracTickets for help on using tickets.