public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Christian Decker <decker.christian@gmail.com>
To: Wladimir <laanwj@gmail.com>
Cc: kevin <bit.kevin@gmail.com>,
	Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Policy for DNS seeds
Date: Mon, 21 Jul 2014 14:53:51 +0100	[thread overview]
Message-ID: <CALxbBHW1kf6gDoO22GETwb6kRJ92qxS6MSNx64+kT2TiwH5iTQ@mail.gmail.com> (raw)
In-Reply-To: <CA+s+GJA1aLqOamoYTHRNsF3bGb=pKwNHXGYzQ6GSTgQnic+yCA@mail.gmail.com>

How about research projects into node distribution? Specifically I
wonder whether the collection and analysis of DNS query origin is
allowed when queries are anonymized and aggregated. This would prevent
the identification of a single user, which I assume is the rationale
for point 4.

Other than that I'm perfectly fine with accepting the rules for
seed.bitcoinstats.com

Regards,
Christian
--
Christian Decker


On Mon, Jul 21, 2014 at 2:43 PM, Wladimir <laanwj@gmail.com> wrote:
> We've established a few basic rules for the DNS seeds as used in the
> Bitcoin Core software. See below.
>
> If you run one of the DNS seeds please reply to this and let us know
> whether you agree to these terms. if you think some requirements are
> unreasonable let us know too. If we haven't heard from you by
> 2014-08-04 we will remove your DNS seed from the list of defaults.
>
> Expectations for DNSSeed operators
> ====================================
>
> Bitcoin Core attempts to minimize the level of trust in DNS seeds,
> but DNS seeds still pose a small amount of risk for the network.
> Other implementations of Bitcoin software may also use the same
> seeds and may be more exposed. In light of this exposure this
> document establishes some basic expectations for the expectations
> for the operation of dnsseeds.
>
> 0. A DNSseed operating organization or person is expected
> to follow good host security practices and maintain control of
> their serving infrastructure and not sell or transfer control of their
> infrastructure. Any hosting services contracted by the operator are
> equally expected to uphold these expectations.
>
> 1. The DNSseed results must consist exclusively of fairly selected and
> functioning Bitcoin nodes from the public network to the best of the
> operators understanding and capability.
>
> 2. For the avoidance of doubt, the results may be randomized but must not
> single-out any group of hosts to receive different results unless due to an
> urgent technical necessity and disclosed.
>
> 3. The results may not be served with a DNS TTL of less than one minute.
>
> 4. Any logging of DNS queries should be only that which is necessary
> for the operation of the service or urgent health of the Bitcoin
> network and must not be retained longer than necessary or disclosed
> to any third party.
>
> 5. Information gathered as a result of the operators node-spidering
> (not from DNS queries) may be freely published or retained, but only
> if this data was not made more complete by biasing node connectivity
> (a violation of expectation (1)).
>
> 6. Operators are encouraged, but not required, to publicly document
> the details of their operating practices.
>
> 7. A reachable email contact address must be published for inquiries
> related to the DNSseed operation.
>
> If these expectations cannot be satisfied the operator should
> discontinue providing services and contact the active Bitcoin
> Core development team as well as posting on bitcoin-development.
>
> Behavior outside of these expectations may be reasonable in some
> situations but should be discussed in public in advance.
>
> ========
>
> See
> https://github.com/bitcoin/bitcoin/pull/4566
>
> Wladimir



  reply	other threads:[~2014-07-21 13:54 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-07-21 13:43 [Bitcoin-development] Policy for DNS seeds Wladimir
2014-07-21 13:53 ` Christian Decker [this message]
2014-07-22 20:01   ` Matt Corallo
2014-07-21 19:24 ` Peter Todd
2014-07-21 20:19   ` Gregory Maxwell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CALxbBHW1kf6gDoO22GETwb6kRJ92qxS6MSNx64+kT2TiwH5iTQ@mail.gmail.com \
    --to=decker.christian@gmail.com \
    --cc=bit.kevin@gmail.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=laanwj@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox