On Wed, May 17, 2017 at 02:51:48PM +0300, George Kadianakis wrote:
==================== Design topics ====================
- Optimize proposal parameters
** Optimize guardset sizes ** Optimize guardset lifetimes and prob distributions (minXX/maxXX/uniform?) ** To take informed decision, we might need a prop247 simulator, or an actual PoC with txtorcon
Thanks George.
I've just looked through prop#247 and the past tor-dev threads.
Another item to add to the design discussion list, unless it got resolved while I wasn't looking:
* Do we do the vanguard design for *client* connections to onion services too?
* And slipping further down that slope, how does this vanguard design compare to Mike's virtual circuit hopes for all user circuits: https://bugs.torproject.org/15458
We're going to have to think about scope for the meeting, so we cover all the breadth of things we ought to cover, without also letting it balloon into a "I think Tor should do X \forall X" week.
In particular, I think it might be smart to sort through (make a list of) all the various attacks and concerns we want to consider, so we can optimize against them all without forgetting some.
For example, based on what I've read so far, I'm planning to propose that we have one 3rd level vanguard for each 2nd level vanguard, since that way we have the option to rotate it most quickly (if we decide we want that), and the load balancing works out better than the other options I've heard (e.g. compared to choosing a slow 2nd level vanguard and then four 3rd level vanguards which don't help us much because the bottleneck is at the 2nd level).
Oh, and finally, for those who don't know about phrases like "the downhill path algorithm", which was where many of these "multi hop guard" designs started, be sure to look through https://www.freehaven.net/anonbib/#ccs2011-trust
Whew, --Roger