[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #20082 [Core Tor/Tor]: Lower initial descriptor upload delay for ephemeral services



#20082: Lower initial descriptor upload delay for ephemeral services
-------------------------------+------------------------------
 Reporter:  twim               |          Owner:
     Type:  enhancement        |         Status:  new
 Priority:  Medium             |      Milestone:  Tor: 0.2.???
Component:  Core Tor/Tor       |        Version:
 Severity:  Normal             |     Resolution:
 Keywords:  tor-hs, research,  |  Actual Points:
Parent ID:                     |         Points:
 Reviewer:                     |        Sponsor:  SponsorR-can
-------------------------------+------------------------------
Changes (by asn):

 * keywords:  tor-hs => tor-hs, research,
 * sponsor:   => SponsorR-can
 * milestone:   => Tor: 0.2.???


Comment:

 Hmm interesting.

 A few things here:

 Have you tested that the actual delay here is about 30 seconds? I remember
 people saying that the whole `rend_consider_services_upload()` function is
 borked. I think that would be nice to verify.

 Now, if we believe that this delay actually offers security and we reduce
 it for `ADD_ONION` services, why not reduce it for all services? We don't
 really know the threat model of all the people who use `ADD_ONION`, so I'm
 not sure if we should take such a global decision.

 Personally, I feel this delay can indeed increase security in some use
 cases, but I also don't like the reachability effect that you mentioned.

 I think that your sugestion of making this a parameter of `ADD_ONION`
 might be a good approach. Although this assumes that all the people who
 use `ADD_ONION` actually understand the security threats here, which is
 quite doubtful...

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20082#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs