Hi Fernando, Seems like an important proposal, if there is a good argument that a particular amount of data is "safe". I think your research may help with this. If everybody chooses different amounts of data, that makes them easier to identify. > On 1 Dec 2017, at 08:47, Fernando Fernández Mancera <ffernandezmancera@xxxxxxxxx> wrote: > > About TorBrowser or any other Tor application that is able to manage circuits > by its own because of KeepAliveIsolateSOCKSAuth option being active by default > shouldn't be affected by this new feature. As the same form that it currently > ignores MaxCircuitDirtiness parameter. We talked about Tor Browser's default behaviour yesterday on #tor-dev. KeepAliveIsolateSOCKSAuth doesn't ignore MaxCircuitDirtiness: instead, it resets the timer each time a stream is attached to a circuit. This means that circuits stop accepting new streams MaxCircuitDirtiness seconds after they are *last* used for a new stream. (The default is *first used* for a new stream.) Onion services also have similar behaviour, but we should check the details. The proposal doesn't specify how KeepAliveIsolateSOCKSAuth and onion services work with MaxCircuitSizeDirtiness and MaxCircuitSizeDirtinessByPort. We need to specify what happens, so the Tor Browser team knows if it needs to change its torrc. And it would help us decide what to set as the default for onion services. T -- Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------
Attachment:
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev