Delivery-Date: Fri, 05 Jun 2015 05:11:03 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 54F8F1E042B;
	Fri,  5 Jun 2015 05:11:01 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 2E4F7357C2;
	Fri,  5 Jun 2015 09:10:56 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 0FF2A35822
 for <tor-talk@lists.torproject.org>; Fri,  5 Jun 2015 09:10:52 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 90yTHCeQm9Zp for <tor-talk@lists.torproject.org>;
 Fri,  5 Jun 2015 09:10:51 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id C7DEE357C2
 for <tor-talk@lists.torproject.org>; Fri,  5 Jun 2015 09:10:51 +0000 (UTC)
Received: from berryeater.riseup.net (berryeater-pn.riseup.net [10.0.1.120])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id B30C6415C8
 for <tor-talk@lists.torproject.org>; Fri,  5 Jun 2015 09:10:48 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender: phw)
 with ESMTPSA id 0EB6E4004D
Date: Fri, 5 Jun 2015 11:10:45 +0200
From: Philipp Winter <phw@nymity.ch>
To: tor-talk@lists.torproject.org
Message-ID: <20150605091045.GA1687@nymity.ch>
Mail-Followup-To: tor-talk@lists.torproject.org
References: <556F707A.6050506@openmailbox.org> <5570269C.2040702@donncha.is>
 <55702AC7.1040608@openmailbox.org>
MIME-Version: 1.0
In-Reply-To: <55702AC7.1040608@openmailbox.org>
X-PGP-Fpr: B369 E7A2 18FE CEAD EB96  8C73 CF70 89E3 D7FD C0D0
X-Virus-Scanned: clamav-milter 0.98.7 at mx1
X-Virus-Status: Clean
Content-Disposition: inline
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] DocTor's 'Possible Sybil Attack' (2015-06-03) report
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Thu, Jun 04, 2015 at 10:39:03AM +0000, nusenu wrote:
> > These relays have previously been excluded from the Tor network.
> > They have now tried rejoining with new fingerprints. All of the
> > following relays are confirmed as being managed by the same
> > operator.
> 
> Again, I really dislike the in-transparency here.

I agree that it needs improvement.  In theory, we already have a public
repository for blacklisting relays:
<https://gitweb.torproject.org/authdirbadexit.git/>

In practice, nobody has had time yet to put all existing rules in the
new repository.  Also, it's called "authdirbadexit" and it would be
great if AuthDirReject and AuthDirInvalid rules could be published as
well.

> Could you share a bit more information?
> (or if it is already available somewhere, a url is enough)
> 
> Which relays where excluded? (identified by fingerprints)
> When were they excluded?
> How have they been excluded? (specific IPs, entire IP blocks,
> fingerprints, ...)
> Why have they been excluded?

I attached a list of fingerprints that were rejected by the directory
authorities around May 20.  All these relays were HSDirs and actively
scanned hidden services they were responsible for.

Cheers,
Philipp
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

