[boklm]

Because the clients need to get the list of nodes from somewhere.

You can read more about how this works at this URL: https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt

[catshirt]

just because they need a list of nodes doesn't mean they need to be hardcoded into the client. the other option of course would be to fetch the list remotely.

[eli]

From what? A directory directory server?

[MichaelGG]

From any peer? If the list is signed by a majority set of keys then it doesn't matter how it gets distributed.

[eli]

Isn't finding a peer the original problem?

[sneak]

Bitcoin does this by storing a list of DNS hostnames, run by a set of the maintainers, that return periodically-updated lists of peers.

Previously, it also joined an IRC channel and got the list of hostnames from all of the other users in the channel.

[eli]

Isn't that just replacing hardcoded IP addresses with hardcoded DNS hostnames? Not much of an improvement.

[catshirt]

ah, point taken. i didn't think too hard about this apparently. if they had a host serving a list of trusted DAs, that host would be just as valuable a target.

[MichaelGG]

Any Tor node could be a peer to distributed a signed piece of data.

[eli]

Yes, but how does one locate a tor node without a directory server?