[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Bridge stability
- To: or-dev@xxxxxxxxxxxxx
- Subject: Re: Bridge stability
- From: Christian Fromme <kaner@xxxxxxxxxx>
- Date: Wed, 10 Mar 2010 19:19:03 +0100
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-dev-outgoing@xxxxxxxx
- Delivered-to: or-dev@xxxxxxxx
- Delivery-date: Wed, 10 Mar 2010 13:19:12 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type:content-transfer-encoding; bh=rapILtD0BsBJVEc0SJtqb+l2RJQ6YvKUmvTTJRJHXnI=; b=mEiXpWT8AM/X7xJaz7yiihW6aHjjsv8evzxQnd5nLGadf4YXUCDPT8RYB6Hw8b/tvZ qqbERo22XLUgcCQKuUZXhqr70W9AjZJn+RX5/6ZV8g67xjGukvDIiJK7xByIg+zvQlak BiLTcfO4FNiIc55RSa+m7OyGMPjRAxr9Qs0GE=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=PBCkIt4kV8ep+rrJAywcD9NDlPuZATb8ej+Ccd6ncpTwxLmXIBQjdoGahE8XWRUz2U +oB4tYR+qeA2bWVXuIOsnphWNSoZs+31X/WNkrOzW58V+4k2ywy3rCWrr+lOuJAMULoC OiElWTe1ceXszqjDTf+UOeURgTWtHrDFQKA4A=
- In-reply-to: <EE1A9FDC-0BCB-48C1-969C-E26660384173@xxxxxxx>
- References: <EE1A9FDC-0BCB-48C1-969C-E26660384173@xxxxxxx>
- Reply-to: or-dev@xxxxxxxxxxxxx
- Sender: owner-or-dev@xxxxxxxxxxxxx
Hi Karsten,
First of all, nice analysis!
On Mon, Feb 15, 2010 at 9:29 AM, Karsten Loesing
<karsten.loesing@xxxxxxx> wrote:
> So, are these good news? Personally, I had expected worse results. During most of the time, availability is surprisingly high. An 80% chance of the bridges working even after 96 hours seems fair. That means in 1 out of 5 cases someone needs to send a second e-mail or make a second website request. We might even think (or have already thought) about implementing a bridge update functionality where users go to the bridge authority and exchange their broken bridges for working ones---as long as at least one of their bridges still works.
Would it be possible for someone to tell the bridge authority that a
bridge is down even though it is not? Maybe through a DoS attack? If
this is the case, maybe this thing should be handled with care or
otherwise there's a paranoid theoretical way someone could learn all
bridge addresses.
A way around that, if it is considered realistic enough, would be to
tag some bridges 'private' or so and not to give those out with that
update functionality.
Best,
C