[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: questions about MinUptimeHidServDirectoryV2 in 0.2.1.2-alpha

To: or-talk@xxxxxxxxxxxxx
Subject: Re: questions about MinUptimeHidServDirectoryV2 in 0.2.1.2-alpha
From: Karsten Loesing <karsten.loesing@xxxxxxx>
Date: Tue, 05 Aug 2008 15:01:06 +0200
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Tue, 05 Aug 2008 09:01:15 -0400
In-reply-to: <200808051159.m75BxNsw000776@xxxxxxxxxxxxx>
References: <200808051159.m75BxNsw000776@xxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.16 (X11/20080724)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

|      The tor man page says,
|
| 	"MinUptimeHidServDirectoryV2 N seconds|minutes|hours|days|weeks
| 		Minimum  uptime  of a v2 hidden service directory to be accepted
| 		as such by authoritative directories. (Default: 24 hours)"
|
| My questions are, what is the justification for the default of 24
hours?  And
| why have this particular option at all?  Why not instead have a "no longer
| fresh/up to date" indicator somewhere, much like the fresh-until line for
| consensus/status documents, so that a server that beomes disconnected
or goes
| down for only a brief time will remain available to provide hidden service
| directory service as much of the time as possible?  Or, better yet,
why not
| simply handle this issue the same way that it is handled for normal
directory
| (mirror) service?

The default of 24 hours ensures that hidden service directories are
available for the next few hours with a certain probability. The idea is
that there are hundreds of hidden service directories at some point
which are not authoritative any more, but provide a more scalable and
robust storage than the three authoritative ones can. Hidden services
and clients need to have a view as consistent as possible of which
hidden service directories are out there, so that clients can find
previously stored hidden service descriptors. The 24 hours have turned
out to be a characteristic that allows distinguishing highly available
relays from others. The rationale behind it is that a certain number of
relay operators turn their relays off over night. The following diagram
shows the variation of relays with different minimum uptimes over an
interval of 2+ months. You can see the difference between minimum
uptimes of 16 hours and lower and those of 20 hours and higher. That is
the reason for the default of 24 hours.

http://freehaven.net/~karsten/dirnodesminuptime.pdf

The option MinUptimeHidServDirectoryV2 is mainly there to perform tests
with the distributed hidden service directory without having to wait for
24 hours. It is not required to set it in the public Tor network. (It
only has an effect on directory authorities anyway.)

I should probably make the design paper of the distributed hidden
service directory available rather soon. It answers questions like yours.

Hope that helps!
- --Karsten
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFImE8S0M+WPffBEmURAseDAJ9zbmc9Fr0u1NDSdfBZCMf3IHxAnwCghAYp
ioWjbih5vuaFVbydCthSGu0=
=BusG
-----END PGP SIGNATURE-----

References:
- questions about MinUptimeHidServDirectoryV2 in 0.2.1.2-alpha
  - From: Scott Bennett

Prev by Author: Re: SIGHUP without effect
Next by Author: Re: SIGHUP without effect
Previous by thread: questions about MinUptimeHidServDirectoryV2 in 0.2.1.2-alpha
Next by thread: Re: questions about MinUptimeHidServDirectoryV2 in 0.2.1.2-alpha
Index(es):
- Author
- Thread