Re: [tor-relays] Compatibility issue with OpenSSL 1.1.1a
On Sat, Dec 1, 2018 at 8:40 PM Paul wrote: > > I have run into this issue just now and iam curious if i can "just" > downgrade back or if there is any other way to workaround? > I think that it's okay to downgrade to 1.1.1 for Tor's purposes: the two security vulnerabilities fixed in 1.1.1a are about DSA and ECDSA, which Tor doesn't use. Also, you could use 1.1.0j if you prefer something patched. > How does this affect my relay? Will it still be useable? It will be usable by anybody connecting to it with TLS up to 1.2, and by clients using TLS 1.3. Connections between your relay and other relays will fail if you are both upgraded to TLS 1.3. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] UbuntuCore relays
Chad MILLER:> I have assumed that 95% of users don't have public addresses or have port > forwarding. It's a connectivity problem, I think. Yes, understood. And >5k deployments without anyone(?) asking about why it does not work is the crucial part that makes it odd (makes it look like bots). > are these actual 6000 unique deployments? how are they counted? >> are endpoints submitting a unique ID to the update endpoint for the >> counter to work? >> (or are these counters just based on counting unique source IPs hitting >> the update endpoint? [within a day?]) >> do you have AS or country break downs for that number? >> > > I think it's a count of update checks within a normal update-check window. do you have the possibility to find out? (via authoritative documentation?) It would be great to have some affirmative data. any comment about this? > maybe you could add a simple check for the existence of a file where the > operator needs to add the ContactInfo > and if it is not there the snap exits + adding that new requirement > prominently > to the snap documentation. > > Then we can observe how many > - disappear? > - get a ContactInfo? > - get the same ContactInfo? > - get a random ContactInfo? > - get an actual working ContactInfo? > I DO have country information. Attached. (I removed the countries with > fewer than 3 in case that could be used to identify them.) thanks for providing this data, interesting to see that there are even instances in China trying to come online. Do you have any other additional stats like hw architecture? or even hw arch per country? -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
