commit 07de4f0ef9ba0d623de31816b55bfe76606d1a9f
Author: teor (Tim Wilson-Brown) teor2345@gmail.com
Date: Fri Nov 20 11:25:41 2015 +1100

Update RSOS proposal: RendPostPeriod and other option recommendations
---
proposals/ideas/xxx-rend-single-onion.txt | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)
diff --git a/proposals/ideas/xxx-rend-single-onion.txt b/proposals/ideas/xxx-rend-single-onion.txt index 5cfbe1a..d402618 100644 --- a/proposals/ideas/xxx-rend-single-onion.txt +++ b/proposals/ideas/xxx-rend-single-onion.txt @@ -174,13 +174,21 @@ Status: Draft The default PredictedPortsRelevanceTime setting creates additional, unnecessary connections.
- RendPostPeriod 0 seconds - This option typically hides the startup time of a hidden service by - randomly posting over a 2 hour period. Since single onion services - value speed over anonymity, they can post descriptors straight away. - (Actually, 30 seconds after they bootstrap, for descriptor stability.) + High-churn / quick-failover RSOS using descriptor competition strategies + should consider setting the following option:
- However, we do not recommend setting the following option to 1, unless bug + RendPostPeriod 600 seconds + Refresh onion service descriptors, choosing an interval between + 0 and 2*RendPostPeriod. Tor also posts descriptors on bootstrap, and + when they change. + (Strictly, 30 seconds after they first change, for descriptor + stability.) + + XX - Reduce the minimum RendPostPeriod for RSOS to 1 minute? + XX - Make the initial post 30 + rand(1*rendpostperiod) ? + (Avoid thundering herd, but don't hide startup time) + + However, we do NOT recommend setting the following option to 1, unless bug #17359 is resolved so tor onion services can bootstrap without predicted circuits.
@@ -198,6 +206,9 @@ Status: Draft service tor instance. Since tor runs as a client (and not a relay) by default, rendezvous single onion service operators should set:
+ XX - George says we don't allow operators to run HS/Relay any more, + or that we warn them. + SocksPort 0 Disallow connections from client applications to the tor network via this tor instance.
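Review bot: In the first hunk (@@ -174,13 +174,21 @@), the parenthetical "(Strictly, 30 seconds after they first change, for descriptor stability.)" qualifies only the "when they change" case, so it is no longer clear whether the post on bootstrap is also delayed by 30 seconds; the removed text said so explicitly ("30 seconds after they bootstrap"). Suggest stating which posts the delay applies to. The two XX lines should be resolved or moved to an open-questions section before this leaves draft: "30 + rand(1*rendpostperiod)" carries no units and uses a 1x multiplier while the paragraph above describes an interval of up to 2*RendPostPeriod, and the first XX refers to a minimum RendPostPeriod without the text saying what that minimum is or how the recommended 600 seconds relates to it. The removed rationale ("single onion services value speed over anonymity") was the only body text explaining that startup time is not hidden; that point now appears only inside an XX parenthetical, so consider keeping one sentence in the body so operators see the trade-off.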
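Review bot: In the second hunk (@@ -198,6 +206,9 @@), the added XX note sits between "rendezvous single onion service operators should set:" and the "SocksPort 0" entry it introduces, so the colon now leads into an unresolved aside instead of the option. Suggest moving the note above that sentence or into an open-questions list. The note also leaves two different behaviours open ("we don't allow operators to run HS/Relay any more, or that we warn them"); the surrounding paragraph depends on which one holds, so it should be confirmed and stated as fact, with a reference, rather than attributed secondhand.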