[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #6790 [Tor Directory Authority]: Write proposal draft for directory mirrors to accept, aggregate and hand off descriptors to dirauths



#6790: Write proposal draft for directory mirrors to accept, aggregate and hand
off descriptors to dirauths
-----------------------------------------------+----------------------------
 Reporter:  mikeperry                          |          Owner:                    
     Type:  enhancement                        |         Status:  new               
 Priority:  normal                             |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor Directory Authority            |        Version:                    
 Keywords:  MikePerry201210d, proposal-needed  |         Parent:  #2664             
   Points:                                     |   Actualpoints:                    
-----------------------------------------------+----------------------------

Comment(by mikeperry):

 Replying to [comment:15 nickm]:
 > Replying to [comment:14 mikeperry]:
 > > Can you explain more about 5 being unsolved? I haven't been following
 microdesc development. You mean the only way to get microdescriptors right
 now is from the dirauths directly?
 >
 > Not exactly.
 >
 > I mean that right now, when a directory cache wants to learn a
 consensus, a router descriptor, or a microdescriptor, it fetches it from
 one of the authorities.  It can't just ask another cache: there is no
 mechanism for *any* cache to learn this stuff right now other than asking
 an authority, so if all the caches asked each other, nobody would find
 out.
 >
 > Obviously, this could be improved as a Simple Matter of Software Design.

 Yeah, I'm not suggesting some massive, expensive N^2 layer where all the
 dir mirrors talk to eachother to exchange submitted relay descriptors or
 consensus microdescs.

 My goal is the simplest possible design that allows us to reduce the roles
 of the dirauths to 3, 4, and 5. This means that dir mirrors (fine, even
 the whole current consensus) are still allowed to talk to dirauths to
 download and submit descriptor info. That way, if certain relays are
 loud/busted/broken in terms of their mirroring functionality, we can just
 drop them from the consensus as a last resort, or perhaps just add them to
 a dirport firewall.

 To preserve the consensus properties for descriptor submission with
 minimal changes, it seems we have two options when the dirauths are
 operating in this mode:
  1. Relays submit descriptors to a dir mirror who submits it to all N
 authorities
  2. Relays submit descriptors k*N times, to the k*N dir mirrors in the
 current consensus with the k closest idhexes to each of the N dirauths,
 who then submit it forward to that dirauth.

 In each case, the dir mirror should perform the same checks and rate
 limits that the dirauths currently do. They might also need additional IP
 restrictions too. It depends on what is actively enforced at the dirauths
 right now before performing checks.

 My goal is to get a proposal for this written by Oct 10th that describes a
 way to support this as an optional mode of operation in extreme
 circumstances that we can test periodically. If we don't get it coded for
 0.2.4.x because other things end up more important, that's fine. It might
 be the case that #572 by itself is enough to make me happy for emergency
 circumstances.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6790#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs