[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torspec] 04/05: Prop329: Document Snowflake exemption to Guard restriction.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [torspec] 04/05: Prop329: Document Snowflake exemption to Guard restriction.
From: gitolite role via tor-commits <tor-commits@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 24 May 2023 18:48:18 +0000
Auto-submitted: auto-generated
Cc: gitolite role <git@xxxxxxxxxxxxxxxxxxxxx>
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 24 May 2023 14:48:31 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lists.torproject.org; s=2022-eugeni; t=1684954108; bh=m4OwzH+uSQTQizJmCGcgaGDVS72P3JAuYOr9erI2xYw=; h=Date:To:In-Reply-To:References:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=X0pujqJUmBvlrFyehvRQXbbRdVRgQRPxs5uqk3O6ybdDN/wTA3Yk4WITcHKGju7Sq xLPWfteK+I1B9+wzzwV+Kpw3ZAZvjwktlrG5L+zzHiaJ9vTJVdPpoZl3Pf0Dyx1MqQ EjkquswSDE6iZ043W1+qVkCiC7mnuV7RqiJII7ejXHddscAbT4bc17Jrv0KItnHXtc GGyIRk134iKh2ZuPmJ+6nXT2U1TiphKcS++VY6xm2JSvjUlpwNLEIAJwrEdD+jS/PU MZWJfkJYCjVwb94cQNv6u7IYu9vNPmCxOhJNVKKmsmgwEGMSEXOpJeZwSq9EYPmg2q lqTipLi7b5gew==
In-reply-to: <168495409416.8766.17290001789931376451@cupani.torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
References: <168495409416.8766.17290001789931376451@cupani.torproject.org>
Reply-to: Mike Perry <mikeperry-git@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQAAEjRWpuLbRXv5SRSmk/p4l2unaw==

This is an automated email from the git hooks/post-receive script.

dgoulet pushed a commit to branch main
in repository torspec.

commit 7ea74b99bd6ef356feb8f66a23ff985c9b056f69
Author: Mike Perry <mikeperry-git@xxxxxxxxxxxxxx>
AuthorDate: Wed May 17 21:29:05 2023 +0000

    Prop329: Document Snowflake exemption to Guard restriction.
---
 proposals/329-traffic-splitting.txt | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/proposals/329-traffic-splitting.txt b/proposals/329-traffic-splitting.txt
index 63d7aab..93655f0 100644
--- a/proposals/329-traffic-splitting.txt
+++ b/proposals/329-traffic-splitting.txt
@@ -275,7 +275,21 @@ Status: Needs-Revision
 
   To link exit circuits, two circuits to the same exit are built, with
   additional restrictions such that they do not share Guard or Middle
-  relays. When each circuit is opened, we ensure that congestion control
+  relays. This restriction applies via specific relay identity keys,
+  and not IP addresses, families, or networks. (This is because the purpose
+  of it is to avoid sharing a bottleneck *inside* relay circuit queues;
+  bottlenecks caused by a shared network are handled by TCP's congestion
+  control on the OR conns).
+
+  Bridges also are subject to the same constraint as Guard relays;
+  the C-Tor codebase emits a warn if only one bridge is configured, unless
+  that bridge has transport "snowflake". Snowflake is exempt from this
+  Guard restriction because it is actually backed by many bridges. In the
+  bridge case, we only warn, and do not refuse to build conflux circuits,
+  because it is not catastrophic that Bridges are shared, it is just
+  sub-optimal for performance and congestion.
+
+  When each circuit is opened, we ensure that congestion control
   has been negotiated. If congestion control negotiation has failed, the
   circuit MUST be closed. After this, the linking handshake begins.
 
@@ -307,6 +321,17 @@ Status: Needs-Revision
   use Prop340, we will have to raise the limit on number of intros per
   client circuit to 2, here, at intropoints).
 
+  When rendezvous circuits are built, they should use the same Guard,
+  Bridge, and Middle restrictions as specified in 2.2, for Exits. These
+  restrictions SHOULD also take into consideration all Middles in the path,
+  including the rendezvous point. All relay identities should be unique
+  (again, except for when the Snowflake transport is in use). The one
+  special case here is if the chosen rendezvous points by a client
+  are the same as the service's guards. In this case, the service SHOULD
+  NOT use different guards, but instead stick with the guards it has.
+  The reason for this is that we do not want to create the ability
+  for a client to force a service to use different guards.
+
   The first rendezvous circuit to get joined SHOULD use Proposal 340 to
   append the RELAY_BEGIN command, and the service MUST answer on this
   circuit, until RTT can be measured.

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

References:
- [tor-commits] [torspec] branch main updated (a1cd058 -> 51e2149)
  - From: gitolite role via tor-commits

Prev by Author: [tor-commits] [tor] 18/77: bump up some log messages for easier debugging
Next by Author: [tor-commits] [tor] 47/77: test_crypto: add equix and hashx tests
Previous by thread: [tor-commits] [torspec] 03/05: Prop#329: Clarity improvements
Next by thread: [tor-commits] [torspec] 05/05: Merge branch 'tor-gitlab/mr/132'
Index(es):
- Author
- Thread