[tor-bugs] #17728 [Core Tor/Tor]: Use NETINFO handshake rather than date header to check time with authorities
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 1 20:33:36 UTC 2017
#17728: Use NETINFO handshake rather than date header to check time with
authorities
---------------------------------------+----------------------------------
Reporter: teor | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-03-unspecified-201612 | Actual Points:
Parent ID: #9675 | Points:
Reviewer: | Sponsor:
---------------------------------------+----------------------------------
Old description:
> tor currently checks its clock against the directory authorities by
> reading the HTTP date header in the directory documents.
>
> In #15775, we allow clients to bootstrap using fallback directories,
> rather than authorities.
>
> In #4483, we make multiple connections, and use the first connection that
> starts downloading. If there are multiple connections downloading, we
> favour authority connections, so that tor can still get a clock check.
>
> But if tor used the date from ~~the TLS handshake~~, it could abort
> authority connections sooner. This would place less load on the
> authorities.
>
> This would be similar to the tlsdate implementation:
> https://github.com/ioerror/tlsdate
>
> Edited: Look at the netinfo cell, not the TLS handshake. -- nickm
New description:
tor currently checks its clock against the directory authorities by
reading the HTTP date header in the directory documents.

In #15775, we allow clients to bootstrap using fallback directories,
rather than authorities.

In #4483, we make multiple connections, and use the first connection that
starts downloading. If there are multiple connections downloading, we
favour authority connections, so that tor can still get a clock check.

But if tor used the date from ~~the TLS handshake~~, it could get
directory documents from a fallback directory, and abort authority
connections sooner. This would place less load on the authorities.

This would be similar to the tlsdate implementation:
https://github.com/ioerror/tlsdate

Edited: Look at the netinfo cell, not the TLS handshake. -- nickm
--
Comment (by teor):
Clarify that this ticket is about efficiency, allowing clients to stop
authority connections after the NETINFO cell, rather than downloading
directory documents to check the time.
(This could be complex, because we don't want to cancel the non-authority
connections, and then have to start again.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17728#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
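
An added illustration of the clock check the ticket refers to (not part of the ticket and not Tor's own source): a minimal C parser for the NETINFO payload layout given in tor-spec, which extracts the TIME field and compares it with the local clock. The function names, the sample payload and the 3600-second tolerance are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Skip one ATYPE[1] ALEN[1] AVAL[ALEN] address; 0 on success, -1 if truncated. */
static int skip_addr(const uint8_t *p, size_t len, size_t *off)
{
    if (len - *off < 2) return -1;
    size_t alen = p[*off + 1];
    *off += 2;
    if (len - *off < alen) return -1;
    *off += alen;
    return 0;
}

/* Return the TIME field of a NETINFO payload, or -1 if the payload is
 * malformed. Layout: TIME[4] | OTHERADDR | NMYADDR[1] | NMYADDR x MYADDR. */
int64_t netinfo_time(const uint8_t *p, size_t len)
{
    size_t off = 4;
    if (len < 4) return -1;
    uint32_t ts = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                  ((uint32_t)p[2] << 8) | (uint32_t)p[3];   /* big-endian */
    if (skip_addr(p, len, &off) < 0) return -1;             /* OTHERADDR */
    if (len - off < 1) return -1;
    unsigned n = p[off++];                                  /* NMYADDR */
    while (n--)
        if (skip_addr(p, len, &off) < 0) return -1;
    return (int64_t)ts;
}

/* 0: local clock within allowed_skew seconds of the peer; 1: skewed; -1: malformed. */
int netinfo_check_clock(const uint8_t *p, size_t len, int64_t local_now, int64_t allowed_skew)
{
    int64_t peer = netinfo_time(p, len);
    if (peer < 0) return -1;
    int64_t skew = local_now - peer;   /* positive: local clock is ahead */
    if (skew < 0) skew = -skew;
    return skew > allowed_skew;
}

/* Constructed sample payload (documentation addresses, not captured traffic). */
static const uint8_t SAMPLE_NETINFO[] = {
    0x58, 0xB7, 0x31, 0x20,               /* TIME = 0x58B73120 */
    0x04, 0x04, 0xC0, 0x00, 0x02, 0x01,   /* OTHERADDR: IPv4 192.0.2.1 */
    0x01,                                 /* NMYADDR = 1 */
    0x04, 0x04, 0xC6, 0x33, 0x64, 0x07,   /* MYADDR: IPv4 198.51.100.7 */
};
/* Local clock 30 s ahead of the peer, 3600 s tolerance (assumed value): exits 0. */
int main(void) { return netinfo_check_clock(SAMPLE_NETINFO, sizeof SAMPLE_NETINFO, 0x58B73120 + 30, 3600); }
```

A payload whose address fields are truncated is rejected as a whole, so a timestamp from a malformed cell is never used for the skew decision.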