Hi, all! As you probably know, Tor has had a few different directory protocols in its lifetime. The oldest one (the "v1 protocol") was pretty bad: it took up a lot of bandwidth, and it made every authority into a single point of failure. The more recent protocol (the "v2 protocol") has been fully supported since 0.1.1.8-alpha. Unfortunately, there are still some tools that use v1 directories, and there are still some clients (and even a few servers!) running 0.1.0.x. This is bad for a number of reasons: The 0.1.0.x series has not been supported for a while. Tor 0.1.1.x has been stable for more than a year now, and it has a lot of important security features that are not supported in 0.1.0.x. (These are features, not bugfixes, and they can't be backported without basically replacing 0.1.0.x with 0.1.1.x.) IMO, we are _not_ doing people a favor by keeping support for 0.1.0.x: it is insecure, buggy, and old. Thus, in a few months (say, on 1 August or 1 September), I propose that we drop support for v1 directories. The authorities, instead of generating full v1 directories, will serve empty directories instead, so that caches will not propagate stale information. This will make 0.1.0.x clients download empty directories, and fail to build circuits until their users upgrade to 0.1.1.x. At the same time, there's another transition to make in directory information: Check out proposal 104. We're going to move the fields "read-history" and "write-history" (which currently are only used by some tools, and are not used by Tor iteself) into a separate "extra-info" document that not everybody downloads. This will cut down on directory bandwidth, _a lot_, since those fields are very expensive. If you are maintaining a tool that uses v1 directories or the *-history fields, you'll need to switch to use v2 directories and extra-info documents. I'll try to ease the transition as much as I can, possibly by writing a script to cobble the contents of a Tor's cache into some semblance of a v1 directory. I'm not proposing this lightly; I really hate dropping support for old versions. Nevertheless, I think we need to do this soon: to limit the bandwidth demands on directory servers; to continue to improve the network's security; to avoid bloating our code with backward compatibility hacks indefinitely; and to ensure that users running ancient insecure software don't get hurt by it. Please let me know if for some reason August 1 is too late for you; if you've got compelling reasons, I'll push the date back to September 1. Please also let me know if I'm being totally insane here. :) yrs, -- Nick Mathewson
Attachment:
pgpWcuytKkKZk.pgp
Description: PGP signature