[tor-bugs] #5048 [Tor Relay]: cbtmintimeout should have a lower maximum

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Feb 9 09:19:34 UTC 2012 

#5048: cbtmintimeout should have a lower maximum
-----------------------+----------------------------------------------------
 Reporter:  nickm      |          Owner:                    
     Type:  defect     |         Status:  new               
 Priority:  normal     |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Relay  |        Version:                    
 Keywords:             |         Parent:                    
   Points:             |   Actualpoints:                    
-----------------------+----------------------------------------------------

Comment(by arma):

 {{{
 <wanoskarnet> cbtmintimeout can't be more than 60 s, as it what tor used
 for 5
 years as staticaly limited cbt. It have no sense to raise timeout because
 consensus limit is 61 s.
 <wanoskarnet> maximum of cbtinitialtimeout is 120 seconds. Because
 SocksTimeout is 120 seconds. It have no sense to have timeout more than
 socks
 client can waiting for.
 <wanoskarnet> "if it wouldn't actually cause Tor to die, it's a valid
 value"
 is wrong logic. you limiting 0.001% of users that can't normally or can't
 use
 tor at all because senseless consensus params. No need to segregate user
 just
 because connection stuff.
 > re "cbtmintimeout can't be more than 60 s", part of the reason for cbt
 was
 to allow the timeout to be *more* than 60s if it needs to be.
 > re "SocksTimeout is 120 seconds", if a client changes sockstimeout, and
 the consensus changes the initialtimeout, then it can work. why disallow
 it?
 > re "limiting 0.001% of users that can't normally or can't use tor at
 all", i
 still don't understand. are you saying a high value would make most people
 unable to use tor at all?
 <wanoskarnet> cbtmintimeout is about min of cbt, of course cbt can be more
 than 60 s for some cases.
 <wanoskarnet> but cbtmintimout from consensus can't be more than 60s
 > also, sockstimeout is for streams, and cbt is for circuits. so you can
 still
 use a circuit that took 400 seconds to build, and have your socks
 handshake
 finish within 120. (neither of which will be fun, but hey)
 <wanoskarnet> yes, I just try to find senseless limits.
 <wanoskarnet> s/senseless/correct/
 > if three directory authorities conspire, they can do bad things. they
 shouldn't do bad things. i think that's a good enough policy.
 > maybe that means we should have current directory authorities vote for
 the
 current defaults?
 > that way it would take way more than 3 dir auths to conspire.
 <wanoskarnet> it is not about conspirasy. it's about non informed aut and
 bad
 conns in the noeth pole isp.
 > which could also be solved by having authorities vote for the current
 defaults.
 > shall i add your comments to the trac ticket so other people might see
 them?
 <wanoskarnet> ok
 }}}

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5048#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list