Skip to content
Snippets Groups Projects
New look
Closed Dir auths should vote about Invalid like they do about BadExit
  • View options

    • Dir auths should vote about Invalid like they do about BadExit

  • View options
    • Closed Issue created by Roger Dingledine

    Right now only three dir auths put BadExit in their known-flags, so it takes any 2 of those 3 to give a relay the BadExit flag, which causes an exit relay to not be used by clients for exiting. This is a great convenience for the dir auth operators, since otherwise we'd have to get a majority of all nine (i.e. five) dir auth operators to declare that a relay shouldn't be used for exiting, and we'd be much less agile in response to detected bad behavior.

    In comparison, all nine relays put Valid in their known-flags, so it takes a full 5 of the 9 to give a relay the Valid flag -- or said another way, it takes a full 5 of the 9 to take it away.

    In the context of malicious HSDir roles, this lack of agility is hurting us. We should explore ways to make !invalid more like !badexit.

    Linked items ... 0

    • Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first
    Loading Loading Loading Loading Loading Loading Loading Loading Loading Loading