Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

r16695@tombo: nickm | 2008-07-03 13:00:38 -0400
add new proposal 149: using netinfo data


svn:r15629

Nick Mathewson 16 years ago
parent
9d7a2d4eae
commit
2365e5ca8c
2 changed files with 45 additions and 0 deletions
Unified View Show Diff Stats
  1. 2 0
      doc/spec/proposals/000-index.txt
  2. 43 0
      doc/spec/proposals/149-using-netinfo-data.txt

+ 2 - 0
doc/spec/proposals/000-index.txt
View File 

@@ -71,6 +71,7 @@ Proposals by number:
 
 146  Add new flag to reflect long-term stability [OPEN]
 
 146  Add new flag to reflect long-term stability [OPEN]
 
 147  Eliminate the need for v2 directories in generating v3 directories [OPEN]
 
 147  Eliminate the need for v2 directories in generating v3 directories [OPEN]
 
 148  Stream end reasons from the client side should be uniform [OPEN]
 
 148  Stream end reasons from the client side should be uniform [OPEN]
 
+149  Using data from NETINFO cells [OPEN]
 
 
 
 
 
 Proposals by status:
 
 Proposals by status:
 
@@ -95,6 +96,7 @@ Proposals by status:
 
    146  Add new flag to reflect long-term stability
 
    146  Add new flag to reflect long-term stability
 
    147  Eliminate the need for v2 directories in generating v3 directories
 
    147  Eliminate the need for v2 directories in generating v3 directories
 
    148  Stream end reasons from the client side should be uniform
 
    148  Stream end reasons from the client side should be uniform
 
+   149  Using data from NETINFO cells
 
  NEEDS-REVISION:
 
  NEEDS-REVISION:
 
    110  Avoiding infinite length circuits
 
    110  Avoiding infinite length circuits
 
    117  IPv6 exits
 
    117  IPv6 exits

+ 43 - 0
doc/spec/proposals/149-using-netinfo-data.txt
View File 

@@ -0,0 +1,43 @@
 
+Filename: 149-using-netinfo-data.txt
 
+Title: Using data from NETINFO cells
 
+Version: $Revision$
 
+Last-Modified: $Date$
 
+Author: Nick Mathewson
 
+Created: 2-Jul-2008
 
+Status: Open
 
+
 
+Overview
 
+
 
+   Current Tor versions send signed IP and timestamp information in
 
+   NETINFO cells, but don't use them to their fullest.  This proposal
 
+   describes how they should start using this info in 0.2.1.x.
 
+
 
+Motivation
 
+
 
+   Our directory system relies on clients and routers having
 
+   reasonably accurate clocks to detect replayed directory info, and
 
+   to set accurate timestamps on directory info they publish
 
+   themselves.  NETINFO cells contain timestamps.
 
+
 
+   Also, the directory system relies on routers having a reasonable
 
+   idea of their own IP addresses, so they can publish correct
 
+   descriptors.  This is also in NETINFO cells.
 
+
 
+Learning the time and IP
 
+
 
+   We need to think about attackers here.  Just because a router tells
 
+   us that we have a given IP or a given clock skew doesn't mean that
 
+   it's true.  We believe this information only if we've heard it from
 
+   a majority of the routers we've connected to recently, including at
 
+   least 3 routers.  Routers only believe this information if the
 
+   majority inclues at least one authority.
 
+
 
+Avoiding MITM attacks
 
+
 
+   Current Tors use the IP addresses published in the other router's
 
+   NETINFO cells to see whether the connection is "canonical".  Right
 
+   now, we prefer to extend circuits over "canonical" connections.  In
 
+   0.2.1.x, we should refuse to extend circuits over non-canonical
 
+   connections without first trying to build a canonical one.
 
+
 
+