Re: [tor-bugs] #26288 [Core Tor/Tor]: prop289: Implement authenticated SENDME

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#26288: prop289: Implement authenticated SENDME
-------------------------------------------------+-------------------------
 Reporter:  dgoulet                              |          Owner:  dgoulet
     Type:  enhancement                          |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.1.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  prop289, 035-roadmap-master, 035     |  Actual Points:
  -triaged-in-20180711, prop289-assigned-        |
  sponsor-v, 041-proposed-on-roadmap, network-   |
  team-roadmap-2019-Q1Q2                         |
Parent ID:                                       |         Points:  21
 Reviewer:  nickm                                |        Sponsor:
                                                 |  SponsorV
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:14 dgoulet]:
 > Replying to [comment:13 teor]:
 >
 >
 > > Replying to [comment:12 dgoulet]:
 > >
 > > >
 > > > ...
 > > >
 > > > So a piece missing is the integration with protover. I'm not
 entirely sure how to proceed code wise because what I've tried with
 `SendMe=1` and it was not working. Basically, what I need is a
 confirmation that what is proposed makes sense and is doable that way. If
 so, I'll push the commit that implements this and will ask nickm to hunt
 down why it is failing.
 > > >
 > >
 > > SENDMEs are part of circuits and streams, so we could increment the
 Relay protocol version:
 >
 > Hmmmm the only reason I created a `SendMe` here is because it would have
 made `Relay` a bit messier... but I guess overall that is what we've
 designed Protover to support anyway.
 >
 > Edit: After some discussions with Nick on IRC, problem with Relay is
 that we would need two new versions, that is "Auth. SENDME + tap" and
 "Auth. SENDME + ntor"... and that means using `Relay` implies a large
 matrix of versions every time we change a different cell type.
 >
 > So the suggestion would be something like `FlowCtrl=`, have an implicit
 "1" that is current situation and add the value for `2` that would be for
 prop289.

 You can do it this way: just like HSIntro etc.

 > ~~We already have a SENDME version (0) that all tor supports. And now we
 want to support v1. In order for protover to "stop" the use of v0, we then
 need to introduce two new versions to `Relay` which right now would be 3
 and 4.~~
 >
 > ~~Then to remove the usage of v0, we would advertise `Relay=1-2,4` which
 should effectively exit() every client that does NOT support v1 that is
 `Relay=4`.~~

 I think there's some confusion here.

 The current Relay protocols are:
 1. TAP and all the features in Tor 0.2.3 (including whatever flow control
 was in 0.2.3)
 2. ntor and all the features in Tor 0.2.4.19, including TAP and all the
 features in 0.2.3 (including whatever flow control was in 0.2.4.19)
 https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt#n2012

 But I think you're right overall: we don't know if we want to turn off TAP
 first, or the old flow control first. So a new protocol is a good idea.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26288#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs