architectural proposal & technical problems
Roger Dingledine
arma at mit.edu
Mon Apr 30 11:16:30 UTC 2007
On Fri, Apr 27, 2007 at 12:39:13PM -0400, Nick Mathewson wrote:
> > Having the possibility to choose arbitrary exits within one
> > circuit would also enable us to do the measurements on
> > partial circuits. What do you think about that?
>
> This should be do-able by modifying the control protocol to add an
> extra flag to ATTACHSTREAM, right?
>
> That is, you'd have a controller listen for circuit and stream events.
> You'd tell the controller to build a circuit. Then you'd launch a
> stream to localhost and say something like,
>
> ATTACHSTREAM (yourstream) (yourcircuit) HOP=2
>
> to attach the stream to the second hop. Then you'd time the delay
> between the ATTACHSTREAM and receiving the END cell.

I just implemented this:
http://archives.seul.org/or/cvs/Apr-2007/msg00137.html

It's not quite what Johannes wanted, because we currently still refuse to
attach to a 1-hop circuit, and now we also refuse to attach to the 1st
hop of a circuit. This is to discourage people from using Tor as a one
hop proxy, for the safety of our server operators (see paragraph 3 of
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#VariablePathLength).

Of course, it's not hard to change the code to take that check out
on the client side; and if you're doing the tests from a server
listed in the directory, the other Tor servers will likely let you
use a one-hop circuit. Is that good enough, or should we revisit the
client-disallows-single-hop-circuits-too idea?

Thanks,
--Roger