[tor-bugs] #15775 [Tor]: Add IPv4 Fallback Directory List to tor, active by default

Tue May 12 17:48:29 UTC 2015

#15775: Add IPv4 Fallback Directory List to tor, active by default
-----------------------------+----------------------------------------
     Reporter:  teor         |      Owner:  teor
         Type:  enhancement  |     Status:  accepted
     Priority:  major        |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor          |    Version:  Tor: 0.2.4.7-alpha
   Resolution:               |   Keywords:  tor-dist, 027-triaged-1-in
Actual Points:               |  Parent ID:  #15228
       Points:               |
-----------------------------+----------------------------------------
Description changed by teor:

Old description:

> weasel writes on tor-dev:
>
> Tor has included a feature to fetch the initial consensus from nodes
> other than the authorities for a while now.  We just haven't shipped a
> list of alternate locations for clients to go to yet.
>
> Reasons why we might want to ship tor with a list of additional places
> where clients can find the consensus is that it makes authority
> reachability and BW less important.
>
> At the last Tor dev meeting we came up with a list of arbitrary
> requirements that nodes should meet to be included in this list.
>
> We want them to have been around and using their current key, address,
> and port for a while now (120 days), and have been running, a guard, and
> a v2 directory mirror for most of that time.
>
> I have written a script to come up with a list of notes that match our
> criteria.  It's currently at
> https://www.palfrader.org/volatile/fallback-dir/get-fallback-dir-
> candidates
>
> It currently produces
> https://www.palfrader.org/volatile/2015-04-17-VjBkc8DWV8c/list
>
> See https://lists.torproject.org/pipermail/tor-dev/2015-April/008674.html
>
> This file current has 329 entries, and takes up approximately 32kB.
> If we hard-coded it in the binary like the authorities, it would increase
> the binary size by approximately 2% on my platform.
>
> Edit: nickm favours putting it in `torrc.defaults`
>
> Do we expect this in by 0.2.7?
>
> Edit: Yes
>
> Do we want to work on a signed file first (#15774)?
> (A signed file needs a well-defined threat model and signature
> verification has to work without access to the authorities or fallback
> directories.)
>
> Edit: No clear threat model, defer.

New description:

 weasel writes on tor-dev:

 Tor has included a feature to fetch the initial consensus from nodes
 other than the authorities for a while now.  We just haven't shipped a
 list of alternate locations for clients to go to yet.

 Reasons why we might want to ship tor with a list of additional places
 where clients can find the consensus is that it makes authority
 reachability and BW less important.

 At the last Tor dev meeting we came up with a list of arbitrary
 requirements that nodes should meet to be included in this list.

 We want them to have been around and using their current key, address,
 and port for a while now (120 days), and have been running, a guard, and
 a v2 directory mirror for most of that time.

 I have written a script to come up with a list of notes that match our
 criteria.  It's currently at
 https://www.palfrader.org/volatile/fallback-dir/get-fallback-dir-
 candidates

 It currently produces
 https://www.palfrader.org/volatile/2015-04-17-VjBkc8DWV8c/list

 See https://lists.torproject.org/pipermail/tor-dev/2015-April/008674.html

 This file current has 329 entries, and takes up approximately 32kB.
 If we hard-coded it in the binary like the authorities, it would increase
 the binary size by approximately 2% on my platform.

 Edit: nickm favours putting it in `torrc.defaults`
 Edit 2: weasel notes `torrc.defaults` is for package maintainers. Putting
 it in a list of strings in the code. Much like the authorities.

 Do we expect this in by 0.2.7?

 Edit: Yes

 Do we want to work on a signed file first (#15774)?
 (A signed file needs a well-defined threat model and signature
 verification has to work without access to the authorities or fallback
 directories.)

 Edit: No clear threat model, defer.

--

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15775#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online