I’m curious: Which people are eligible to run directory authorities? Who runs the existing 9 directory authorities? And instead of using a centralized structure with directory authorities, why not use a P2P(Peer-to-Peer) network?
I feel like a P2P network is a better idea, because for an attacker, attacking the 9 central authorities is enough to take down the network, but in a P2P network, the attacker would have to destroy every participating node. What are the challenges that are preventing the Tor project from implementing this idea?
9 skilled people who know the torspecs by heart or have partially written them. Have written lots of Tor code and are cryptography & network security experts. They have studied IT. Reading and writing code, compiling and patching, they can do it in their sleep. Setting up a dirauth + bandwidth scanner is a difficult task. Most are TorProject members.
… can then simply become a P2P DirAuth. Yay Together with unskilled people, they then form the perfect consensus. Then they simply ‘roll the dice’ for the bad-relays.
For the first time they are distributed worldwide. It’s almost impossible to disable them all at the same time. There are also fallback directory mirrors (a rotated set of Tor relay nodes) to help Tor clients connect to the network.