Re: [tor-dev] UX improvement proposal: Onion auto-redirects using Alt-Svc HTTP header

To: George Kadianakis <desnacked@xxxxxxxxxx>

Subject: Re: [tor-dev] UX improvement proposal: Onion auto-redirects using Alt-Svc HTTP header

From: Alec Muffett <alec.muffett@xxxxxxxxx>

Date: Wed, 15 Nov 2017 13:38:33 +0000

Delivery-date: Wed, 15 Nov 2017 08:38:54 -0500

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=VMzBnEPE8zLQsPltI23C/OzjDEAMajHZVLfxB+4E8OQ=; b=msOqOzakbrzVUGF7XsdKVS1GQJr+YLPpOzMq2sluPbPBszybVxs/EvkD0TDSM5RQ09 0LofRKFg9GADqqQESEkdPnNKk2/VRYctezx4xgl2Kcdo1/yvgH31OwpTnSM1JBfARi4j BheXh5jtZxpL50gsDgakzBcWx5zxofuPE797/aK6WM8Iy6bnRskF/TvqOhvwP7qndbBe 2FKY2vPkbECebrgFJ8KUkxl0TqJDNwAOdXJCMNyVuhpdFDIU6XBtS2/aUG2hmMMhexNK ph8c4PXeHan36gUK8MhfgyDcWv4PPhL5cjHf/VzAho6y0Qvz1g7nUmJtt7iy9Us6hyzs VhOA==

In-reply-to: <87vaib1xep.fsf@riseup.net>

List-archive: <http://lists.torproject.org/pipermail/tor-dev/>

List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>

List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>

List-post: <mailto:tor-dev@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>

References: <87ined2fbo.fsf@riseup.net> <CA+cU71ntq3FdUH_08LTJkaXsb_XkiAPsWhdajMV+vuJijZ779w@mail.gmail.com> <878tf73lav.fsf@riseup.net> <CAFWeb9+D=e7ja7uDyHGtbog3aWZefiuuS2Fao6nWRn6_rTY=-Q@mail.gmail.com> <CAFWeb9+x-rH9ro_7N27ibKxQR47GRyJ4Urr4rSRAJWA+GydcRg@mail.gmail.com> <CAFWeb9LGK7Gb+zoFKY3wTFPDjzfYQ0Tm4a14E1624BF-KhrRPQ@mail.gmail.com> <098c9653-5ed4-d6c9-90b3-e973a7633175@torproject.org> <CAFWeb9K_vJ+rSg6+p0iZJJZCqr2Kzgnc3+GpBH8EmAv2=YHejw@mail.gmail.com> <87vaib1xep.fsf@riseup.net>

Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

I think it's important to point out that a Tor client is never
guaranteed to hold a *definitive* consensus.

That's why I say "(mostly) definitive" in my text - my feeling is that a locally-held copy of the consensus to be queried is going to be on average of far higher quality, completeness, and non-stagnancy than something that one tries to scrape out of Onionoo every 15 minutes.

True "definitiveness" can wait. A solution which does not require treading beyond the local area network for a "good enough" result, is a sufficient 90+% solution :-)

If we were to create "the definitive exit node oracle" we would need a
Tor client that polls the dirauths the second a new consensus comes out,

So let's not do that, then.

Furthermore, you said that enterprises might be spooked out by
tor-specific "special" HTTP headers,

Yes.

but now we are discussing weird tor
modules that communicate with the Tor daemon to decide whether to
redirect clients, so it seems to me like an equally "special" Tor setup
for sysadmins.

I can see how you would think that, and I would kind-of agree, but at least this would be local and cheap. Perhaps instead of a magic protocol, it should be a REST API that's embedded in the local Tor daemon? That would be a really, REALLY common pattern for an enterprise to query.

How about that?

- alec

_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev