Re: [tor-relays] Tor Metrics 'Running' flag is back for bridges who don't publish the OrPort
On Sun, Jun 23, 2024 at 09:28:23PM +0200, li...@for-privacy.net wrote: > A few months ago there was a recommendation to not exposing OrPort for > bridges. > This had the unpleasant effect that all bridges were 'red' on Tor Metrics, > even though they were running perfectly fine. > I noticed yesterday after the meeting that everything is 'green' again. > https://metrics.torproject.org/rs.html#search/ForPrivacyNET > > Thank you, I believe these 6 people did that: > https://gitlab.torproject.org/tpo/network-health/team/-/issues/318 Right -- I think we are still in the process of fixing that issue. The current situation as I understand it is that bridgestrap measures whether your obfs4 port is reachable, and it uploads these results to the metrics sites, and the metrics sites use them if available instead of looking at Running. But currently the "uploads to metrics" step happens once a day, while bridgestrap produces results way more frequently than that. And in the past there were surprises where the metrics side would say something like "I'll call you running if bridgestrap said you were reachable within the past three hours" -- which is a great design if you are getting the bridgestrap results rapidly, but not great if you get them once a day. So, I'm glad to see that your relay was green again for a bit, but I fear a bit more work remains until we get there *consistently*. :) --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Metrics 'Running' flag is back for bridges who don't publish the OrPort
Oh, the fix only lasted 23 hours. ;-) 'Running' flag is gone again. -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom! signature.asc Description: This is a digitally signed message part. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Why should we avoid adding bridges fingerprints in MyFamily?
On Sun, Jun 23, 2024 at 07:30:00PM +, Edward Cage via tor-relays wrote: > Quick question about the fingerprints of our bridges. It's clearly written > in torrc that we should not include them in MyFamily. Correct. > I don't well understand why, especially because: > - Every bridge, and their fingerprints, are publicly listed on Tor > Metrics; Actually it is the *hash* of the fingerprint (hash of hash of key) that is publicly listed in Tor metrics. This way you can look up your bridge if you know its fingerprint, but other people can't learn more about your bridge just based on the relay-search page. > - The contact email is disclosed for each of them, and it allows our > bridges and relays to be easily linked to a same operator. (or should we use > a different email address for each bridge?) It is fine to use the same contactinfo on your bridges and relays -- because it won't help somebody discover your bridge address or bridge fingerprint if they don't already know it. Ultimately the right answer is to move to a better design for declaring families. The current best idea is Proposal 321: https://gitlab.torproject.org/tpo/core/torspec/-/blob/HEAD/proposals/321-happy-families.md with more details here: https://gitlab.torproject.org/tpo/core/tor/-/issues/40134 and a suggestion at the end of that ticket by trinity that seems like it could be a good short-term fix. I think all of the core devs who might work on Proposal 321 are instead working on Arti though, so at this rate it will be a long while until the topic sees progress. --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Why should we avoid adding bridges fingerprints in MyFamily?
Hi all, Quick question about the fingerprints of our bridges. It's clearly written in torrc that we should not include them in MyFamily. I don't well understand why, especially because: - Every bridge, and their fingerprints, are publicly listed on Tor Metrics; - The contact email is disclosed for each of them, and it allows our bridges and relays to be easily linked to a same operator. (or should we use a different email address for each bridge?) Best regards ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Tor Metrics 'Running' flag is back for bridges who don't publish the OrPort
I don't know if this was mentioned at the Tor Relay Meeting yesterday, if so, I missed it. ;-) A few months ago there was a recommendation to not exposing OrPort for bridges. This had the unpleasant effect that all bridges were 'red' on Tor Metrics, even though they were running perfectly fine. I noticed yesterday after the meeting that everything is 'green' again. https://metrics.torproject.org/rs.html#search/ForPrivacyNET Thank you, I believe these 6 people did that: https://gitlab.torproject.org/tpo/network-health/team/-/issues/318 -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom! signature.asc Description: This is a digitally signed message part. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays