Opened 6 months ago

Last modified 4 weeks ago

#24872 accepted defect

remove outdated tor relay security recommendations and update these wiki pages

Reported by: cypherpunks Owned by: Jaruga
Priority: Medium Milestone:
Component: Community/Tor Support Version:
Severity: Normal Keywords:
Cc: phoul Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

While working on #24497 I wanted to link to existing security related recommendations and found:

https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity
https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity

IMHO these are severely outdated and give bad advises.

I'm proposing to remove some outdated content and if no one disagrees I'll proceed soon.
I'll send email to tor-dev about this.

Child Tickets

Change History (7)

comment:1 Changed 6 months ago by dgoulet

Component: - Select a componentCommunity/Tor Support
Owner: set to phoul

Tentatively setting a component.

comment:2 Changed 4 months ago by Jaruga

Owner: changed from phoul to Jaruga
Status: newassigned

I'll get to this on the weekend.

comment:3 Changed 4 months ago by Jaruga

Status: assignedaccepted

Accepting.

comment:4 Changed 4 weeks ago by alison

Maybe check those old pages for any salvageable info, then add it to the relays ops wiki, then remove the old pages? Here's the relay ops wiki: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide

comment:5 Changed 4 weeks ago by phoul

Cc: phoul added

comment:6 in reply to:  4 Changed 4 weeks ago by Jaruga

Replying to alison:

Can do, and thanks for the reminder on this ticket! I'll add this to my todo list.

comment:7 in reply to:  4 Changed 4 weeks ago by nusenu

Replying to alison:

Maybe check those old pages for any salvageable info, then add it to the relays ops wiki, then remove the old pages? Here's the relay ops wiki: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide

I'd prefer if a security section would be on a separate page since the relay guide is already a long and ugly single-pager.

And I'm happy to review security recommendations.

Note: See TracTickets for help on using tickets.