Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 6008fcf863
Branches Tags
tor-parallel...
/
doc
/
spec
/
proposals
/
ideas
/
xxx-automatic-node-promotion.txt

xxx-automatic-node-promotion.txt 3.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. Filename: xxx-automatic-node-promotion.txt
    2. 

  2. Title: Automatically promoting Tor clients to nodes
    3. 

  3. Author: Steven Murdoch
    4. 

  4. Created: 12-Mar-2010
    5. 

  5. Status: Draft
    6. 

  6. Target:
    7. 

  7. 

  8. 1. Overview
    9. 

  9. 

  10.    This proposal describes how Tor clients could determine when they
    11. 

  11.    have sufficient bandwidth capacity and are sufficiently reliable to
    12. 

  12.    become either bridges are Tor servers. When they meet this
    13. 

  13.    criteria, they will automatically promote themselves, based on user
    14. 

  14.    preferences. The proposal also defines the new controller messages
    15. 

  15.    and options which will control this process.
    16. 

  16. 

  17. 2. Motivation and history
    18. 

  18. 

  19.    Tor has a growing user-base and one of the major impediments to the
    20. 

  20.    quality of service offered is the lack of network capacity. This is
    21. 

  21.    particularly the case for bridges, because these are gradually
    22. 

  22.    being blocked, and thus no longer of use to people within some
    23. 

  23.    countries. By automatically promoting Tor clients to bridges, and
    24. 

  24.    perhaps also to full public servers, this proposal aims to solve
    25. 

  25.    these problems.
    26. 

  26.  
    27. 

  27.    Only Tor clients which are sufficiently useful should be promoted,
    28. 

  28.    and the process of determining usefulness should be performed
    29. 

  29.    without reporting the existence of the client to the central
    30. 

  30.    authorities. The criteria used for determining usefulness will be
    31. 

  31.    in terms of bandwidth capacity and uptime, but parameters should be
    32. 

  32.    specified in the directory consensus. State stored at the client
    33. 

  33.    should be in no more detail than necessary, to prevent sensitive
    34. 

  34.    information being recorded.
    35. 

  35. 

  36. 3. Design
    37. 

  37. 

  38. 3.x Opt-in state model
    39. 

  39. 

  40.    Tor can be in one of five node-promotion states:
    41. 

  41. 

  42.    - off (O): Currently a client, and will stay as such
    43. 

  43.    - auto (A): Currently a client, but will consider promotion
    44. 

  44.    - bridge (B): Currently a bridge, and will stay as such
    45. 

  45.    - auto-bridge (AB): Currently a bridge, but will consider promotion
    46. 

  46.    - server (S): Currently a public server, and will stay as such
    47. 

  47. 

  48.    The state can be fully controlled from the configuration file or
    49. 

  49.    controller, but the normal state transitions are as follows:
    50. 

  50. 

  51.    Any state -> off: User has opted out of node promotion
    52. 

  52.    Off -> any state: Only permitted with user consent
    53. 

  53. 

  54.    Auto -> auto-bridge: Tor has detected that it is sufficiently
    55. 

  55.     reliable to be a *bridge*
    56. 

  56.    Auto -> bridge: Tor has detected that it is sufficiently reliable
    57. 

  57.     to be a *server*, but the user has chosen to remain a *bridge*
    58. 

  58.    Auto -> server: Tor has detected that it is sufficiently reliable
    59. 

  59.     to be *server*, and will skip being a *bridge*
    60. 

  60.    Auto-bridge -> server: Tor has detected that it is sufficiently
    61. 

  61.     reliable to be a *server*
    62. 

  62. 

  63.    Note that this model does not support demotion. If this is
    64. 

  64.    desirable, there should be some memory as to whether the previous
    65. 

  65.    state was server, bridge, or auto-bridge. Otherwise the user may be
    66. 

  66.    prompted to become a server, although he has opted to only be a
    67. 

  67.    bridge.
    68. 

  68. 

  69. 3.x User interaction policy
    70. 

  70. 

  71.    There are a variety of options in how to involve the user into the
    72. 

  72.    decision as to whether and when to perform node promotion. The
    73. 

  73.    choice also may be different when Tor is running from Vidalia (and
    74. 

  74.    thus can readily prompt the user for information), and standalone
    75. 

  75.    (where Tor can only log messages, which may or may not be read).
    76. 

  76. 

  77.    The option requiring minimal user interaction is to automatically
    78. 

  78.    promote nodes according to reliability, and allow the user to opt
    79. 

  79.    out, by changing settings in the configuration file or Vidalia user
    80. 

  80.    interface.
    81. 

  81. 

  82.    Alternatively, if a user interface is available, Tor could prompt
    83. 

  83.    the user when it detects that a transition is available, and allow
    84. 

  84.    the user to choose which of the available options to select.
    85. 

  85. 

  86.    Finally, Tor could by default not make any transition, and the user
    87. 

  87.    would need to opt in by stating the maximum level (bridge or
    88. 

  88.    server) to which the node may automatically promote itself.
    89. 

  89. 

  90. 3.x New options
    91. 

  91. 

  92. 3.x New controller message
    93. 

  93. 

  94. 4. Related proposals
    95. 

  95. 

  96. 5. Open questions:
    97.