"Trusted" peers

[Rubydesic]

What version of this package are you using?
9.16.0

What problem do you want to solve?
Prevent peers IP address from being recorded by malicious third parties.

What do you think is the correct solution to this problem?
The ability to mark certain peers as "trusted". Non-trusted peers will not be announced to each other.

Peer A	Peer B	Can connect?
Trusted	Trusted	Yes
Trusted	Not trusted	Yes
Not trusted	Not trusted	No

Are you willing to submit a pull request to implement this change?

If suggested.

[DiegoRBaquero]

This could be done on the server blocking by a certain filter (http headers, client peer id, etc.)

What's the use case? Wouldn't it be better to be restrictive on a lower level, maybe http proxy before reaching the tracker?

[Rubydesic]

The use-case is basically using bittorrent as a CDN. As the files/torrents that a client is accessing might be private information, I want a way to restrict who can monitor who is downloading what. CDN edge servers would be "trusted" peers and everyone else would not. I don't see how this would be possible with an HTTP proxy.

P.S. Another thing to add might be an "accept-untrusted" flag of sorts. If this flag is set when connecting, the peer indicates that they don't mind their activity being monitored. Two untrusted peers with this flag set to true would then be able to connect.

Peer A	Peer B	Can connect?
Trusted	Trusted	Yes
Trusted	Not trusted	Yes
Trusted	Not trusted (accept-untrusted)	Yes
Not trusted (accept-untrusted)	Not trusted (accept-untrusted)	Yes
Not trusted	Not trusted (accept-untrusted)	No
Not trusted	Not trusted	No

[DiegoRBaquero]

Then why not restrict the incoming traffic to the CDN edge servers' IP range? those are normally in CDN's documentation

[Rubydesic]

Still not sure I understand what you're saying. Neither incoming nor outgoing traffic from my trusted servers (the cdn) needs to be restricted.

If you are talking about restricting incoming traffic on the clients, well - I can't. I don't necessarily control the clients. Not to mention that even if I did, their IP addresses would still be leaked by the tracker even if they were dropping connections they didn't like.