Hi,
On 3/27/2016 1:00 PM, George Kadianakis wrote:
[snip]
https://lists.torproject.org/pipermail/tor-dev/2015-November/009871.html
Hmm, this seems like something worth considering.
IIUC you are basically suggesting using a single guardlist instead of having two. And then also making sure that a representative amount of dystopic bridges are present in that guardlist. So if the set of guards in the latest consensus is 20% dystopic bridges (in bandwidth), we should choose 20% of our guardlist to be dystopic guards.
I can see how this simplifies the guard selection logic, with the cost of slightly complicating the guard sampling logic. It seems like a good trade in this case.
However, this whole suggestion assumes that a good percentage of the total guard bandwidth is actually dystopic (your mail assumes 28% which is a pretty good number). What's the actual bandwidth % of dystopic bridges in the current network? If it's 20% it's a good number for our purposes, but if it's like 1% then that's bad since we are only going to end up adding 1 or 2 dystopic bridges only making our heuristic much more flaky. Also, in the end the quality of our heuristic will depend on this % which is suboptimal.
FWIW in my definition of dystopic bridge above I've been assuming it's bridges with ORPort on 80 or 443.
We should look more into this. Reinaldo, Ola, any comments? Is this simulatable?
Ok, sounds fair. But if the total percentage of dystopic guards (ORPort on 80 or 443) is 1% if the total Guard bandwidth it's true that a general combined list will have maybe 1 or 2 dystopic guards, making it kind of suboptimal.
But I think it's equally suboptimal if we have 2 separate lists (utopic and dystopic) and the dystopic guard list will contain only few dystopic guards or same dystopic guards for all clients (if there's only 1% of dystopic guard bandwidth). I guess this is an 'tor-environment' problem outside the scope of prop#259, and in case we will have only 1% of dystopic guards we will experience overloads and usability problems for users behind FascistFirewalls regardless if we use a combined list or two separate lists. But on the other hand if we use one combined list we could simplify guard selection logic and maybe win some seconds for first successful connection.