[tor-dev] Tor proposals implemented in Tor 0.2.3.x

Ian Goldberg iang at cs.uwaterloo.ca
Sat Jun 30 17:29:50 UTC 2012


On Sat, Jun 30, 2012 at 07:03:19PM +0200, Fabian Keil wrote:
> Nick Mathewson <nickm at freehaven.net> wrote:
> 
> > IMPLEMENTED IN 0.2.3.x
> 
> >    174  Optimistic Data for Tor: Server Side
> >    181  Optimistic Data for Tor: Client Side
> > 
> >      This one is a performance hack that hasn't seen its full impact
> >      yet.  Starting with Tor 0.2.3.x, clients MAY send data to the
> >      exit node before finding out whether the exit has been able to
> >      successfully connect to the destination server.  Previously, it
> >      took an extra round trip for clients to wait to see whether the
> >      exit said "Yes, I'm connected" before they were allowed to send
> >      data for the exit.
> > 
> >      This should make connection startup faster in many protocols
> >      where the client speaks first (http, https), as more and more
> >      client programs gain support for it.
> 
> Is optimistically sending data for non-testing purposes recommended?
> 
> The "Security implications" in 181 seem to imply that it isn't,
> but the man page doesn't mention any risks. Is that because they
> are considered obvious, or simply an oversight?

The issue is that an exit node that supports optimistic data can tell
when a client is using that feature.  So if only a handful of clients
have upgraded to a TBB that supports it (none does at this time),
they'll stand out.  That's why the default is "use the consensus value",
which is currently off.  The consensus value can be turned on later,
when "enough" people can support it.

circuituse.c:

/** Return true iff client-side optimistic data is supported. */
static int
optimistic_data_enabled(void)
{
  const or_options_t *options = get_options();
  if (options->OptimisticData < 0) {
    /* XXX023 consider having auto default to 1 rather than 0 before
     * the 0.2.3 branch goes stable. See bug 3617. -RD */
    const int32_t enabled =
      networkstatus_get_param(NULL, "UseOptimisticData", 0, 0, 1);
    return (int)enabled;
  }
  return options->OptimisticData;
}


   - Ian

