On Thu, May 21, 2020 at 08:03:03PM +0200, tschador@posteo.de wrote:

after an update of tor it always take about 4 days to get the HSDir flag back while the other flags are set very qick. What is the reason for this delay?

It's because the directory authorities are configured to wait that long before assigning the flag. See the MinUptimeHidServDirectoryV2 option: https://gitweb.torproject.org/tor.git/tree/src/feature/dirauth/dirauth_optio... It used to be 25 hours, long ago, with the reasoning that if a relay hasn't been up for a day, then it's too likely to go away again soon, and this churn causes reliability problems in reaching onion services. We changed it to 96 hours in late 2014, when we saw a Sybil attack (many new relays suddenly appearing) and realized that while they wouldn't become Guards for a while, they would become HSDirs quite quickly, and maybe we want to give ourselves a few more days after new relays appear before they get to become HSDirs. And here are two tickets on doing even more to make it hard for jerks to sign up relays with the goal of cheaply getting the HSDir flag: https://bugs.torproject.org/16538 and https://bugs.torproject.org/19162 And of course the long term fix is to drop the deprecated v2 onion service design, since the v3 onion service design is much better at limiting what an HSDir relay can learn about onion services: https://www.youtube.com/watch?v=Di7qAVidy1Y Hope this helps, --Roger