[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal 312: Automatic Relay IPv6 Addresses

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Proposal 312: Automatic Relay IPv6 Addresses
From: s7r <s7r@xxxxxxxxxx>
Date: Mon, 3 Feb 2020 23:17:48 +0200
Autocrypt: addr=s7r@xxxxxxxxxx; prefer-encrypt=mutual; keydata= mQENBE9BogQBCADazBiEe0PGTgeUJ/JU4BDvdE2ZFD+MUOgf3+n78F6mXTxcLgyiE/3E4rA5 Sy3NzVRjqjzyn/MyDJDbsRpSKT6uVT5thYNyfDNBNqYmqdVS8Gu+H90z78x1WJ+DxVawk4IM mi8jmKcwlz7hOGROsR0+NyWjyghlzNHVgiJkWIvp5AVDg4F6o2oCH/vBbgomu3Ho5r7fiRZg I0uxsMLIkRI8bwB3SlVi3n4a94ZI2R9rXD9KNWzW4OT5LnICW1d/cuktwVBQRxGE6KFtVDzI chjuDWFaT9p6qROqoBRbsGF/mLg/sb26dwRxb7CnxfCWJn10ZGWo8jG6MM/QKEcxSj0JABEB AAG0NHM3ckBza3ktaXAub3JnIChBbm9ueW1pdHkgbWF0dGVycyEpIDxzN3JAc2t5LWlwLm9y Zz6JATgEEwECACIFAk9BogQCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEIN/pSyB JlsRbkQH/jfe6F9nbwwFBo2DuNJ+Ci2IpZEco1P6rWh2l3AzG0vOD82nYJ5uFIw+0v615tW8 WWNfeIsrbCRnmOAx8NGkGsk/j+SRJb41pQ79tyxdBg7txcbT9bAdcaImYoBBp+1bnyrAaROB 1wDq0jKX09ofKrrAUWOlddASpIBG5uKMLhHe1X14lmvgGHWDPHKrw4yzBN/nNfXYr+Ayjt9s NM6JETHIgqO6uvchiT20v2/SzD3FlysROkPeoFjGWUwAqH2r7RQyDLF6EoqkrcuwvjFXiOFE nFdNRbHQsKYXPhbk2JUiFQQcdLtJg6iaoRBnhATl4V6soP2EHYn3K1bz+eYL+AS5AQ0ET0Gi BAEIAMO7MGEfdMn72SQAK0m5rcEPj3mtSRRokMHl3YBNjFbj3O4QAwjpKBJ7RuPdF9B9IDAP a7mc+f33mpIgRnxKDwkjswPk74mMQRxe2wgv4AQ7yBICYYK99e6RYP0LC1PDIGXFPLjs0Teu QAxASFvNycC5JSfQUsAI3OTQjaGUaiUfavmJYkn9B6C2ktQgvM7qbxJvLP5X02tgp4G4gNiu 8ZA3aOUdX+8EQwERJZ8CuA/R6/2M2nEO3YRCsxaYSzob7nicjfoPvyvSYu3zXRFj+3uvDOK6 AGNILmftVUoRQ6/WsNaAQX42cDfSNYQ8uZ/zgTGatO3ArNb1uqWbMdbUA5sAEQEAAYkBHwQY AQIACQUCT0GiBAIbDAAKCRCDf6UsgSZbEZjSB/41TviTCxdiS4PLSDrQ3GOmQPpWZRk/O1tv 3y6T9p0XuC/oq6kKfToKuV2/Ok+589rtmrXhjzdk2otDKCRGejJFpVoU/vfR+jokArzpwyPa TWDAhMGmf5wmEAojsiOc9Zgj/CuS5nd/eLFi4QGtbLoDLrTrQSXB4qR0zJFoQfykVaERT2dm UV/D22opJc8jo3UBOBckgGi9jBi/2OvwEiFcZSl1u9Qi4+gbINOObQF5a0h9ReZCT1BUs5FV DSXBBYZTJJ2flnZH69Mb+9KxRMyqjhRzyGDUfY73SYlCpKX9buWMl0CCsDx+GrRVSxvQnA8b aSq1wlfKsJBimGtSAqf8
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 03 Feb 2020 16:18:19 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sky-ip.org; s=20110108; t=1580764683; bh=TtARn5H1Wsz5/fZKe0wyoSjzTjaLILuHA/qDZFrzJpo=; h=Subject:To:References:From:Date:In-Reply-To; b=DHQgYlx9QMsQBh5lt774zDt/PVcK2QogC/PDaRhu7eslatYtc6S5oMIviyGV+53MR xrT+qWLo3gE+soY+m76ncY9mDNhoH7dQdaxlGt+2xrBKzvraVI5866Bc7/r5EgvojA 5XXxbNU8rkqMO9YRtuGRf10Gb5xVaiVm/yTcm8po=
In-reply-to: <F74D0B6D-0700-4CC3-84CD-19620086BFF2@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <FE948078-0823-4294-B525-1A6D72A7E5FD@riseup.net> <5f509a08-1dd8-0ce0-5d71-408684531684@sky-ip.org> <1fa27dc9-a57f-4bfb-490e-29de05704535@sky-ip.org> <F74D0B6D-0700-4CC3-84CD-19620086BFF2@riseup.net>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.4.2

Hi teor,

teor wrote:
> Hi s7r,
> 
> Thanks for bringing up IPv6 address privacy extensions.
> 
>> On 30 Jan 2020, at 02:19, s7r <s7r@xxxxxxxxxx> wrote:
>>
> 
> I read RFCs 4941 and 3041, looked at the tor directory spec, and did some
> analysis:
> * tor clients get new relay addresses within 4.5 hours
> * IPv6 privacy extensions rotate addresses every day (by default)
> * IPv6 privacy extensions remove old addresses after a week (by default)
> 
> (And applications have to opt-in to IPv6 privacy extensions addresses,
> by default, according to the RFC.)
> 
> Therefore, I don't think tor relays or clients will be affected by relays
> using IPv6 privacy extensions.
> 
> See my detailed analysis here:
> https://github.com/torproject/torspec/pull/105/files#diff-28c992d72bedaa9378a4f3627afb8694R816
> 
> (I still have to revise proposal 312 based on Nick's review, I hope to do
> that today or tomorrow.)
> 
> T

Thanks for looking into it!

I agree with your analysis fully. However, I just think it would be
better if we mention in proposal 312 explicitly that Tor should try hard
to get an IPv6 address that has the desired state, and use that. It is
true that this is different on each operating system, but the operating
systems we most care about should be pretty trivial to patch for this
change.

IPv6 addresses have multiple states. We simply request for one that has
state `public` and not `temporary`.
(https://tools.ietf.org/html/rfc3484).

In the current form of this proposal, it looks kind of optional ("We
propose this optional change, to improve..."). I propose removing the
line which contains "this optional change" and changing the following:

In practice, each operating system has a different way of detecting IPv6
address privacy extensions. And some operating systems may not tell
applications if a particular address is using privacy extensions. So
implementing this change may be difficult.

to

In practice, each operating system has a different way of indicating if
an IPv6 address comes from a privacy extension or not. Usually the
operating system also returns the state of each available address:
"public" - the ones that does not change, and which Tor should use
"temporary" - the ones that come from privacy extensions
Tor should always ask for and use a "public" IPv6 addresses to build
relay descriptor.

Might not be the most explicit wording, but feel free to rephrase, we
just need to make it clear that we will try as hard as possible to NOT
use a temporary IPv6 address, and might only use one in small isolated
cases where operating systems do not report to Tor properly the states
of the available IPv6 addresses.

This shouldn't be too hard - apache and most properly coded server apps
do not bind to temporary IPv6 addresses. Also, all the IPv6 related RFCs
make it mandatory for server type applications (like Tor in relay mode)
to request `public` IPv6 addresses, not `temporary` ones.

sbws of course should account relays per IPv6 prefix, and not per
address. Usually we should be able to determine if an address is in the
same /64 IPv6 subnet and not reset the bandwidth measurement because
most probably it is the same relay. A /64 is standard, however there are
ISPs that do now follow the standard in assigning /64 to end users and
sometimes assign /112 or strange things like that. So this can become
complicated again. Which is why it is more simple to always ask for a
`public` IPv6 address and ignore `temporary` ones. I think it's simpler
and more efficient than changing sbws.

##### NOT DIRECTLY RELATED TO PROPOSAL 312 SECTION #####
These privacy extensions IPv6 addresses might be good for outgoing IPv6
exit connections, like changing per circuit or per destination to get
rid of captchas and blacklists, but this is something different.

Our internal DoS defense subsystem should also treat prefixes instead of
addresses, because right now with a client with a /64 public IPv6 prefix
assigned to it I could hammer via IPv6 guards without triggering the DoS
defense. This is is something different as well.

From my point of view all these should go under the same big `Tor-IPv6`
project, and get funded as well. So, there's quite some work ahead ;)
##### END OF NOT DIRECTLY RELATED TO PROPOSAL 312 SECTION #####

-s7r

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Proposal 312: Automatic Relay IPv6 Addresses
  - From: Mirimir
- Re: [tor-dev] Proposal 312: Automatic Relay IPv6 Addresses
  - From: teor

References:
- Re: [tor-dev] Proposal 312: Automatic Relay IPv6 Addresses
  - From: teor

Prev by Author: Re: [tor-dev] Proposal 312: Automatic Relay IPv6 Addresses
Next by Author: Re: [tor-dev] TOR Browser Circuit Selection of Exit Nodes
Previous by thread: Re: [tor-dev] Proposal 312: Automatic Relay IPv6 Addresses
Next by thread: Re: [tor-dev] Proposal 312: Automatic Relay IPv6 Addresses
Index(es):
- Author
- Thread