[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24404 [Core Tor/Tor]: Propose a relay protover that allows IPv6 extends



#24404: Propose a relay protover that allows IPv6 extends
---------------------------------------------+-----------------------------
 Reporter:  teor                             |          Owner:  (none)
     Type:  enhancement                      |         Status:  new
 Priority:  Medium                           |      Milestone:  Tor:
                                             |  0.3.3.x-final
Component:  Core Tor/Tor                     |        Version:
 Severity:  Normal                           |     Resolution:
 Keywords:  needs-proposal, ipv6, tor-relay  |  Actual Points:
Parent ID:  #24403                           |         Points:  1
 Reviewer:                                   |        Sponsor:  SponsorV-
                                             |  can
---------------------------------------------+-----------------------------

Comment (by teor):

 We also need to decide which fallback to use if we don't confirm ourselves
 reachable within 20 minutes (this can happen because relays will use
 existing canonical connections rather than making a new one):
   * use an IPv6 exit to connect to our ORPort (this doesn't authenticate
 that the remote port actually belongs to us)
   * use a magic value for the identity (all zeroes?) when connecting to
 our ORPort, to force a new connection (DoS risk, doesn't authenticate, but
 does check addresses in the NETINFO cell)
   * close an old/unused connection, and then extend a preemptive circuit
 to ourselves over IPv6
   * put flags in the extend cell that say "must IPv6"?
   * some smarter mechanism?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24404#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs