feature request: better privacy for node operators
The goal of this requested feature is to minimize the identifying bits of a Tor node and to reduce the negative privacy effects for a Tor node operator running a non-exit at home. It is related to this post: https://lists.torproject.org/pipermail/tor-talk/2011-April/020195.html
I'll describe the features in the form of manpage entries:
NodePrivacy 0|1 This option affects relaying nodes only and only makes sense on hosts with a dynamic** IP address. If set to 1, a minimal and standardized descriptor will be published (ORPort: 9001, DirPort: 9030, Nickname: "Unnamed", ContactInfo: "" (empty), exit policy: reject *:*, tor version: "" (empty), MaxAdvertisedBandwidth not honored, ...). Before a new descriptor is published, long term keys are reset if an IP change is detected and StateResetInterval is 0. If StateResetInterval is non-zero, long term keys will only be reset if the interval is expired AND an IP change has been detected. NOTE: EVEN WITH THIS OPTION ENABLED YOU WILL PROBABLY BE TRACEABLE - IT JUST GETS SLIGHTLY HARDER. (Default: 0)
**) Example: If a node is down for, let's say, a month and comes back online, it might even be a useful feature for nodes with static IP addresses (the fact that a node has a static IP address is not necessarily a public fact).
StateResetInterval N d|w Specifies the time interval for which long term key material will not be reset - only relevant if NodePrivacy is set to 1. (Default: 0)
Depending on how many Tor nodes in a certain AS are running with NodePrivacy enabled with roughly the same StateResetInterval and BW, NodePrivacy will actually improve privacy or not.
Side effect of this feature: The Tor network will probably have fewer nodes having the 'guard' and 'stable' flag set, and statistics of relays based on their published tor version might see empty version strings.
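The key-reset rule described above, modelled as an added example (not part of the original request and not Tor code). It shows which IP addresses stay linkable through a shared long term key for a given StateResetInterval. All function names, the `N d|w` parsing details, the choice to evaluate the IP change at each publication, and the timeline of documentation-range addresses are assumptions made for illustration.

```python
import re

DAY = 86400
UNITS = {"d": DAY, "w": 7 * DAY}

def parse_interval(value):
    """Parse a StateResetInterval value ('0', '3 d', '2 w') into seconds."""
    value = value.strip()
    if value == "0":
        return 0
    m = re.fullmatch(r"(\d+)\s*([dw])", value)
    if not m:
        raise ValueError("expected 'N d|w' or 0, got %r" % value)
    return int(m.group(1)) * UNITS[m.group(2)]

def should_reset(ip_changed, now, last_reset, interval):
    """Interval 0: reset on every IP change. Non-zero: the IP must have
    changed AND the interval since the last reset must have expired."""
    return ip_changed and (interval == 0 or now - last_reset >= interval)

def simulate(events, interval):
    """events: (timestamp, ip) pairs, one per descriptor publication.
    Returns the (ip, key_id) pair that each published descriptor exposes."""
    key_id, last_reset, last_ip = 0, events[0][0], events[0][1]
    published = []
    for now, ip in events:
        if should_reset(ip != last_ip, now, last_reset, interval):
            key_id += 1          # new long term identity
            last_reset = now
        last_ip = ip
        published.append((ip, key_id))
    return published

def linkable_ips(published):
    """IPs that appeared under the same key can be tied to one operator."""
    groups = {}
    for ip, key in published:
        ips = groups.setdefault(key, [])
        if ip not in ips:
            ips.append(ip)
    return groups

# Constructed timeline: (day offset in seconds, address handed out by the ISP)
TIMELINE = [(0 * DAY, "192.0.2.10"), (1 * DAY, "192.0.2.77"),
            (3 * DAY, "192.0.2.77"), (9 * DAY, "198.51.100.5"),
            (10 * DAY, "198.51.100.9")]

if __name__ == "__main__":
    for setting in ("0", "1 w"):
        print(setting, linkable_ips(simulate(TIMELINE, parse_interval(setting))))
```

With `0` every address gets its own key; with `1 w` two addresses share each key, so an observer comparing descriptors can link them.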