[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #33530 [Core Tor/Tor]: Dir auths should notice relays with wrong clocks and act somehow (BadClock flag, withhold Guard)
#33530: Dir auths should notice relays with wrong clocks and act somehow (BadClock
flag, withhold Guard)
------------------------------+----------------------------
Reporter: arma | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: network-health
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+----------------------------
Directory authorities scan every relay every 22 minutes or so, to test
reachability.
As part of establishing the Tor connection handshake, they get a netinfo
cell from the relay. So if they look at it, they will know whether the
relay's clock is right or wrong.
So we're nearly there. Now we should act when we find a relay with a wrong
clock, to help the relay operator fix it, and to reduce the harm to
clients.
I suggest taking two responses if a relay has a wrong clock:
(A) Don't assign it the Guard flag. Clients rely on their guards for time,
e.g. because they need the guards to have proper cached dir info. And in
the glorious future where we've made progress on #2628 and friends, while
we won't want to rely solely on non-dir-auth relays to tell us if we're
skewed, if we can drive down false positives from normal relays, the
parameters get easier to pick for whatever solutions we decide on.
(B) Put the "BadClock" flag in our vote about it. We don't need to change
the consensus building process, or even get that flag into the consensus
itself. Just having it in the votes means that consensus-health and relay-
search can look at it and visualize it for relay operators, rather than
needing to do their own clock scans. (And having it there helps the
operator debug confusing questions like *why* they aren't getting the
Guard flag.) And as a bonus here, eventually Serge will put that flag in
its bridge networkstatus document, so bridgedb can make a smarter
decision, and so relay-search can visualize it too.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33530>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs