GitLab

weasel writes on tor-dev:

Tor has included a feature to fetch the initial consensus from nodes other than the authorities for a while now. We just haven't shipped a list of alternate locations for clients to go to yet.

Reasons why we might want to ship tor with a list of additional places where clients can find the consensus is that it makes authority reachability and BW less important.

At the last Tor dev meeting we came up with a list of arbitrary requirements that nodes should meet to be included in this list.

We want them to have been around and using their current key, address, and port for a while now (120 days), and have been running, a guard, and a v2 directory mirror for most of that time.

I have written a script to come up with a list of notes that match our criteria. It's currently at https://www.palfrader.org/volatile/fallback-dir/get-fallback-dir-candidates

It currently produces https://www.palfrader.org/volatile/2015-04-17-VjBkc8DWV8c/list

See https://lists.torproject.org/pipermail/tor-dev/2015-April/008674.html

This file current has 329 entries, and takes up approximately 32kB. If we hard-coded it in the binary like the authorities, it would increase the binary size by approximately 2% on my platform.

Edit: nickm favours putting it in torrc.defaults Edit 2: weasel notes torrc.defaults is for package maintainers. Putting it in a list of strings in the code. Much like the authorities.

Do we expect this in by 0.2.7?

Edit: Yes

Do we want to work on a signed file first (#15774 (moved))? (A signed file needs a well-defined threat model and signature verification has to work without access to the authorities or fallback directories.)

Edit: No clear threat model, defer.