
Re: [tor-bugs] #11973 [Tor]: Should relays stop making unencrypted directory connections?



#11973: Should relays stop making unencrypted directory connections?
------------------------+------------------------------
     Reporter:  nickm   |      Owner:
         Type:  defect  |     Status:  new
     Priority:  normal  |  Milestone:  Tor: unspecified
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  needs-proposal
Actual Points:          |  Parent ID:
       Points:          |
------------------------+------------------------------

Comment (by nickm):

 From that ticket, my impression of why you'd do a DirPort connection from
 non-bridge relays:
 >I think the original rationale was that:
 >   * all of this information was publicly associated with the uploading
 >     IP, and as such encrypting it wouldn't actually protect anything.
 >   * using a separate port for uploads would allow directory authorities
 >     to throttle downloads without harming uploads.

 Roger added:
 >Clients use begindir so it's harder to fingerprint and prevent their
 >directory fetches.
 >
 >Relays don't use begindir to avoid loading down the directory authorities
 >with ssl handshakes (heavyweight) simply for an http directory
 >publish/fetch (lightweight).
 >
 >Load on directory authorities seems like it should come primarily from a)
 >clients that are bootstrapping, though we're hoping to resolve that
 >bottleneck with the fallback directory mirrors, and b) relays. It'd be a
 >shame to magnify part 'b' by a lot.

 At one point, I thought that b) was spurious, since bug #11469 had turned
 off direct connections for (most) relays, but Roger pointed out to me that
 it only turned off direct connections for ''publishing'', and that relays
 downloading from authorities (which is much more expensive) still use
 HTTP.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11973#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online