[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24010 [Core Tor/Torflow]: Make bandwidth authorities use DNS, not IP addresses

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #24010 [Core Tor/Torflow]: Make bandwidth authorities use DNS, not IP addresses
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 27 Oct 2017 05:37:49 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 27 Oct 2017 01:38:01 -0400
In-reply-to: <044.3780804086544bfef29e1f5bab7a7ada@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.3780804086544bfef29e1f5bab7a7ada@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#24010: Make bandwidth authorities use DNS, not IP addresses
------------------------------+------------------------
 Reporter:  teor              |          Owner:  aagbsn
     Type:  defect            |         Status:  new
 Priority:  High              |      Milestone:
Component:  Core Tor/Torflow  |        Version:
 Severity:  Normal            |     Resolution:
 Keywords:                    |  Actual Points:
Parent ID:  #21394            |         Points:  1
 Reviewer:                    |        Sponsor:
------------------------------+------------------------

Comment (by arthuredelstein):

 Replying to [comment:6 teor]:

 > If the role of bandwidth scanners is to measure bandwidth *as clients
 experience it*, then using at least some DNS is appropriate.
 > We could use a mix of DNS and IP, because that's what clients do. And if
 we use a CDN as the server, it will need DNS.

 I tend to agree with micah that we shouldn't conflate measuring bandwidth
 with DNS resolver failure rate. These are two different measurements, and
 have different observable effects in clients. In Tor Browser, we see
 frequent DNS resolver failures, which cause very long delays in first
 connecting to a website (ten or twenty seconds).

 But I do think it might be a good approach for bandwidth authorities to
 provide a second, separate service of measuring resolver failure rate. I
 agree it might require using a large pool of domain names to avoid being
 vulnerable to an attack by ISP or host country.

 > Also, exits can check their own DNS (#24014), but judging what is a slow
 resolve is hard, because it needs a comparison to other exits.

 I don't think you need to compare with other exits. We know that tor has a
 hard-coded 10-second timeout. If the DNS resolver takes longer than 10
 seconds, then that should be counted as a failure. Obviously, whether it's
 self-reporting by the exit or measurement by a bandwidth authority, you'd
 want to pick a threshold failure rate above which exits are penalized or
 their exit status is disabled.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24010#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #24010 [Core Tor/Torflow]: Make bandwidth authorities use DNS, not IP addresses
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #18329 [Core Tor/Tor]: Let bridges indicate when they don't want BridgeDB to distribute their address
Next by Author: Re: [tor-bugs] #5190 [Core Tor/Tor]: Collect Rob's patch for throttling flows at guards
Previous by thread: Re: [tor-bugs] #24010 [Core Tor/Torflow]: Make bandwidth authorities use DNS, not IP addresses
Next by thread: [tor-bugs] #24011 [Core Tor/Tor]: Attempt to open a stream on first hop of circuit
Index(es):
- Author
- Thread