Startsida Utforska Hjälp
Logga in
piros
/
tor
3
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: cb4d773063
Grenar Taggar
tor
/
doc
/
spec
/
proposals
/
152-single-hop-circuits.txt

152-single-hop-circuits.txt 2.7 KB
Historik

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 
  1. Filename: 152-single-hop-circuits.txt
    2. 

  2. Title: Optionally allow exit from single-hop circuits 
    3. 

  3. Version:
    4. 

  4. Last-Modified:
    5. 

  5. Author: Geoff Goodell
    6. 

  6. Created: 13-Jul-2008
    7. 

  7. Status: Closed
    8. 

  8. Implemented-In: 0.2.1.6-alpha
    9. 

  9. 

  10. Overview
    11. 

  11. 

  12.     Provide a special configuration option that adds a line to descriptors
    13. 

  13.     indicating that a router can be used as an exit for one-hop circuits,
    14. 

  14.     and allow clients to attach streams to one-hop circuits provided
    15. 

  15.     that the descriptor for the router in the circuit includes this
    16. 

  16.     configuration option.
    17. 

  17. 

  18. Motivation
    19. 

  19. 

  20.     At some point, code was added to restrict the attachment of streams
    21. 

  21.     to one-hop circuits.
    22. 

  22. 

  23.     The idea seems to be that we can use the cost of forking and
    24. 

  24.     maintaining a patch as a lever to prevent people from writing
    25. 

  25.     controllers that jeopardize the operational security of routers
    26. 

  26.     and the anonymity properties of the Tor network by creating and
    27. 

  27.     using one-hop circuits rather than the standard three-hop circuits.
    28. 

  28.     It may be, for example, that some users do not actually seek true
    29. 

  29.     anonymity but simply reachability through network perspectives
    30. 

  30.     afforded by the Tor network, and since anonymity is stronger in
    31. 

  31.     numbers, forcing users to contribute to anonymity and decrease the
    32. 

  32.     risk to server operators by using full-length paths may be reasonable.
    33. 

  33. 

  34.     As presently implemented, the sweeping restriction of one-hop circuits
    35. 

  35.     for all routers limits the usefulness of Tor as a general-purpose
    36. 

  36.     technology for building circuits.  In particular, we should allow
    37. 

  37.     for controllers, such as Blossom, that create and use single-hop
    38. 

  38.     circuits involving routers that are not part of the Tor network.
    39. 

  39. 

  40. Design
    41. 

  41. 

  42.     Introduce a configuration option for Tor servers that, when set,
    43. 

  43.     indicates that a router is willing to provide exit from one-hop
    44. 

  44.     circuits.  Routers with this policy will not require that a circuit
    45. 

  45.     has at least two hops when it is used as an exit.
    46. 

  46. 

  47.     In addition, routers for which this configuration option
    48. 

  48.     has been set will have a line in their descriptors, "opt
    49. 

  49.     exit-from-single-hop-circuits".  Clients will keep track of which
    50. 

  50.     routers have this option and allow streams to be attached to
    51. 

  51.     single-hop circuits that include such routers.
    52. 

  52. 

  53. Security Considerations
    54. 

  54. 

  55.     This approach seems to eliminate the worry about operational router
    56. 

  56.     security, since server operators will not set the configuraiton
    57. 

  57.     option unless they are willing to take on such risk.
    58. 

  58. 

  59.     To reduce the impact on anonymity of the network resulting
    60. 

  60.     from including such "risky" routers in regular Tor path
    61. 

  61.     selection, clients may systematically exclude routers with "opt
    62. 

  62.     exit-from-single-hop-circuits" when choosing random paths through
    63. 

  63.     the Tor network.
    64. 

  64.