[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5048 [Tor Relay]: cbtmintimeout should have a lower maximum
#5048: cbtmintimeout should have a lower maximum
-----------------------+----------------------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by arma):
{{{
<wanoskarnet> cbtmintimeout can't be more than 60 s, as it what tor used
for 5
years as staticaly limited cbt. It have no sense to raise timeout because
consensus limit is 61 s.
<wanoskarnet> maximum of cbtinitialtimeout is 120 seconds. Because
SocksTimeout is 120 seconds. It have no sense to have timeout more than
socks
client can waiting for.
<wanoskarnet> "if it wouldn't actually cause Tor to die, it's a valid
value"
is wrong logic. you limiting 0.001% of users that can't normally or can't
use
tor at all because senseless consensus params. No need to segregate user
just
because connection stuff.
> re "cbtmintimeout can't be more than 60 s", part of the reason for cbt
was
to allow the timeout to be *more* than 60s if it needs to be.
> re "SocksTimeout is 120 seconds", if a client changes sockstimeout, and
the consensus changes the initialtimeout, then it can work. why disallow
it?
> re "limiting 0.001% of users that can't normally or can't use tor at
all", i
still don't understand. are you saying a high value would make most people
unable to use tor at all?
<wanoskarnet> cbtmintimeout is about min of cbt, of course cbt can be more
than 60 s for some cases.
<wanoskarnet> but cbtmintimout from consensus can't be more than 60s
> also, sockstimeout is for streams, and cbt is for circuits. so you can
still
use a circuit that took 400 seconds to build, and have your socks
handshake
finish within 120. (neither of which will be fun, but hey)
<wanoskarnet> yes, I just try to find senseless limits.
<wanoskarnet> s/senseless/correct/
> if three directory authorities conspire, they can do bad things. they
shouldn't do bad things. i think that's a good enough policy.
> maybe that means we should have current directory authorities vote for
the
current defaults?
> that way it would take way more than 3 dir auths to conspire.
<wanoskarnet> it is not about conspirasy. it's about non informed aut and
bad
conns in the noeth pole isp.
> which could also be solved by having authorities vote for the current
defaults.
> shall i add your comments to the trac ticket so other people might see
them?
<wanoskarnet> ok
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5048#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs