[tor-bugs] #17728 [Core Tor/Tor]: Use NETINFO handshake rather than date header to check time with authorities

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 1 20:33:36 UTC 2017


#17728: Use NETINFO handshake rather than date header to check time with
authorities
---------------------------------------+----------------------------------
 Reporter:  teor                       |          Owner:
     Type:  enhancement                |         Status:  new
 Priority:  Medium                     |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor               |        Version:
 Severity:  Normal                     |     Resolution:
 Keywords:  tor-03-unspecified-201612  |  Actual Points:
Parent ID:  #9675                      |         Points:
 Reviewer:                             |        Sponsor:
---------------------------------------+----------------------------------

Old description:

> tor currently checks its clock against the directory authorities by
> reading the HTTP date header in the directory documents.
>
> In #15775, we allow clients to bootstrap using fallback directories,
> rather than authorities.
>
> In #4483, we make multiple connections, and use the first connection that
> starts downloading. If there are multiple connections downloading, we
> favour authority connections, so that tor can still get a clock check.
>
> But if tor used the date from ~~the TLS handshake~~, it could abort
> authority connections sooner. This would place less load on the
> authorities.
>
> This would be similar to the tlsdate implementation:
> https://github.com/ioerror/tlsdate
>
> Edited: Look at the netinfo cell, not the TLS handshake. -- nickm

New description:

 tor currently checks its clock against the directory authorities by
 reading the HTTP date header in the directory documents.

 In #15775, we allow clients to bootstrap using fallback directories,
 rather than authorities.

 In #4483, we make multiple connections, and use the first connection that
 starts downloading. If there are multiple connections downloading, we
 favour authority connections, so that tor can still get a clock check.

 But if tor used the date from ~~the TLS handshake~~, it could get
 directory documents from a fallback directory, and abort authority
 connections sooner. This would place less load on the authorities.

 This would be similar to the tlsdate implementation:
 https://github.com/ioerror/tlsdate

 Edited: Look at the netinfo cell, not the TLS handshake. -- nickm

--

Comment (by teor):

 Clarify that this ticket is about efficiency, allowing clients to stop
 authority connections after the NETINFO cell, rather than downloading
 directory documents to check the time.

 (This could be complex, because we don't want to cancel the non-authority
 connections, and then have to start again.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17728#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
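
The clock check discussed in the ticket above, sketched as an added example (not code from Tor or from the ticket): read the TIME field of a NETINFO cell payload and compare it with the local clock. The payload layout follows tor-spec (TIME, OTHERADDR, NMYADDR, MYADDRs); the function names, the sample bytes and the 3600-second tolerance are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample NETINFO payload (not captured traffic):
 * TIME | OTHERADDR 192.0.2.1 | NMYADDR=1 | MYADDR 198.51.100.7 */
static const uint8_t sample_netinfo[] = {
    0x58, 0xB7, 0x00, 0x00, 0x04, 0x04, 0xC0, 0x00, 0x02, 0x01,
    0x01, 0x04, 0x04, 0xC6, 0x33, 0x64, 0x07
};

/* Skip one ATYPE(1) ALEN(1) AVAL(ALEN) address; -1 if it runs past len. */
static int skip_addr(const uint8_t *p, size_t len, size_t *off)
{
    if (len - *off < 2) return -1;
    size_t alen = p[*off + 1];
    if (len - *off - 2 < alen) return -1;
    *off += 2 + alen;
    return 0;
}

/* Extract TIME (4 bytes, big-endian) only after the address fields have
 * been walked. Returns 0 on success, -1 on a truncated payload. */
int netinfo_parse_time(const uint8_t *p, size_t len, uint32_t *peer_time)
{
    size_t off = 4;
    if (len < 4 || skip_addr(p, len, &off) < 0 || off >= len) return -1;
    for (uint8_t n = p[off++]; n > 0; n--)      /* NMYADDR entries */
        if (skip_addr(p, len, &off) < 0) return -1;
    *peer_time = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8) | p[3];
    return 0;
}

/* 1 if the local clock differs from the peer's by more than max_skew
 * seconds in either direction; max_skew is a caller-chosen tolerance. */
int netinfo_skew_exceeds(uint32_t peer_time, int64_t local_now, int64_t max_skew)
{
    int64_t skew = local_now - (int64_t)peer_time;
    return skew > max_skew || skew < -max_skew;
}

int main(void)
{
    uint32_t t;
    if (netinfo_parse_time(sample_netinfo, sizeof sample_netinfo, &t) == 0)
        printf("peer time %u, local clock 2h ahead: skewed=%d\n", (unsigned)t,
               netinfo_skew_exceeds(t, (int64_t)t + 7200, 3600));
    return 0;
}
```

The timestamp is available as soon as the NETINFO cell arrives during the link handshake, before any directory document has been requested.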

