### (Discussion) Proposals towards a more trusted relay operator
- Timeline of this process
October 2022 - January 2024
- We called for proposals from the community (March 3 2023)
- Work on proposals (TPO) (like meta proposal about the process and
governance and different stake holders) (March/April)
- Proposal evaluation (May/July)
- Events and offline discussions with community (August/September)
- Approving proposals after feedback from the community and figuring
out the details of enforcement/adhering to them (September-December)
- Proposals go live (January 2024)
### Status update on the "Bumping the 4 relays per ip to 8 relays per
We want to do the analysis for the bump to 4 relays per IP which won't
happen in April anymore but I try to sneak this into my May ToDo list.
Afterwards we can consider bumping the limit further in case the
analysis looks fine as expected. --GeKo
^^ I made a change to moria1 so it publishes its
Q: Is there a way for me to tell if my bridge is reachable from
pass your bridge address to users in-country and ask them to test your
bridge. Email gus@ if you want to learn the answer! Only residential
connections are working there, so 'cloud' (data center) obfs4 bridges
probably do not work.
Q: Is it still unwise to run both a snowflake and also an obfs4 bridge
if one of them gets your IP address blocked by a censor somewhere, then
the other one will end up blocked too.
Q: What if my IP address changes every few hours?
because clients will learn about your address too late to use it. *But*,
this is a perfect situation for running a Snowflake proxy!
Q: When will we start bumping out Tor relays running 0.4.5?
because they are more scarce. We might make an exception for 0.4.5
bridges that are popular.
Q: Re: the EFF University Relay campaign, University libraries will be
helpful here; did anything much result from the Library Freedom
Project's Tor Exit Relay Project?
(Tor exit relays in libraries: a new LFP project - Library Freedom Project)
as UNC's ibiblio project. But yes you make a great point that Alison and
the LFP folks are good resources here. I will make an internal note to
remind ourselves to connect to them when the time is right.
^ It seems there are some relays running right now in the network that
are LFP-related, so an easy first step would be to label them better so
we can celebrate them more.
Q: Does anyone know why increased inbound ORPort connection rates no
longer result in increased CPU usage on relays?
many connections then receiving another one involves a surprising amount
of work because Tor is inefficient with its data structures somehow? Or
maybe, the inbound connections used to be doing something especially
expensive and denial-of-service-y, and 'normal' Tor connections don't do
that? Let us know if you have any more hints and have any new info.
Q: Do you have an estimate of how many relay operators there are? (Or
maybe a count of "good" operators)
same thing. One of our upcoming plans is to build a tool for us to
annotate which relays and relay operators we 'know', which will let us
better understand how much of our relay operator community we are
already connected to. The idea isn't to accuse the un-annotated people
of being bad, but it's to have a starting point to map who we know.
Q: What would it take to get an official Docker image for relays? It
would be very helpful for those of us running multiple daemons on the
same machine on high bandwidth uplinks. Currently available open source
versions each have severe limitations or bugs
Q: Could you include a dateful.com link for future events? It makes it
easier across timezones.
- Maybe an ical people can import would be nice?
Could someone provide a website that doesn't track and collect users
Q: Can you publish a list of events and offline meetings (including
date) that you have in mind regarding the trusted relay operator
community? https://blog.torproject.org/ but you're right that we don't have a
separate section specifically for relay operators. It is a good
suggestion -- we should try harder to organize and announce and schedule
in-person meetups at various hacker cons.
Q: Can we get metricsport documentation at some point, what is a
Q: I recently tried Freedombox, which can operate over Tor. Per default
it enables relay functionality after installing the Tor app. However, if
using Tor to access Freedombox via a hidden service, this is considered
to potentially deanonymize the server location, right?
because being a relay exposes some potential side-channel issues: people
can send traffic through your relay, and also send traffic to the onion
service, and notice congestion that correlates. So if you care enough
about the privacy of your onion service, consider not doing both. (If
you don't care much about the privacy of your onion service, it is fine
to do both.)
Q: Another issue with Freedombox, or Debian (as it is based on it) is
that Tor version is 0.4.16, which is considered obsolete. However,
adding the Debian Tor repository doesn't work either, as upgrading fails
due to missing libevent>=2.1.8 dependency. Any workaround or solution
Debian bookworm might have exactly the packages you want.
A: Alas we don't have an automated vantage point inside .tm. But we can
A: Correct, you should run either one or the other. The reason is that
A: It doesn't make sense to run an obfs4 bridge in this situation,
A: Starting beginning of May. And bridges we will treat differently,
A: Yes, we have a few university libraries running exits right now, such
A: Hmm! There is not an obvious answer here. Maybe, if there are too
A: We have a count of how many *relays* there are, but that's not the
A: Yes, that is on the roadmap see
A: I (trinity) sent a reminder to dgoulet. Hopefully it will get
A: We try to publish a list of interesting public events on a sidebar on
A: It is recommended to not run a relay and also an onion service,
A: Maybe you can get tor or libevent from backports? Else, the upcoming
On Thu, Mar 30, 2023 at 11:04:39AM -0300, gus wrote:
The next Tor Relay Operator Meetup will happen on April 15th, 2023, at 19 UTC.