[tor-bugs] #16059 [Tor]: Add a "rendezvous approver" control API

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat May 16 21:27:24 UTC 2015


#16059: Add a "rendezvous approver" control API
-------------------------------------------+------------------------------
 Reporter:  special                        |          Owner:
     Type:  enhancement                    |         Status:  new
 Priority:  normal                         |      Milestone:  Tor: 0.2.???
Component:  Tor                            |        Version:
 Keywords:  tor-hs control needs-proposal  |  Actual Points:
Parent ID:                                 |         Points:
-------------------------------------------+------------------------------
 From the discussion on mitigating HS denial of service in #16052:

 >  Add a "rendezvous approver" control API, which gives an opted-in
 controller the chance to approve or deny all rendezvous circuit and stream
 requests before they're acted upon. This would allow us to make more
 complex and useful mitigations as third party software.

 This might be useful for:
  * Rate limiting; at most N unauthenticated clients per Y
  * Extra-conservative logic like "stop accepting connections during
 potential guard discovery"
  * Limiting capacity to control server load; only allow N simultaneous
 clients.
  * Protocol-tuned rules for things like Ricochet
  * More advanced pre-rendezvous authorization

 arma also noted:
 > Speaking of the mitigator, the original HS design had the services
 giving out tokens to preferred users, who then use the token to get access
 during times of high load.

 This could be built by using a new auth type for access tokens, and
 checking them in the approver.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16059>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
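
The rate-limiting, capacity and access-token ideas in this ticket, sketched as policy logic in an added example that is not part of the original ticket or of Tor. The ticket defines no control protocol commands, so `RendezvousApprover`, `approve` and `closed` are hypothetical names for what an opted-in controller might call per request, and letting tokens bypass only the rate limit (not the capacity cap) is an assumption.

```python
import hmac
from collections import deque


class RendezvousApprover:
    """Hypothetical approver policy; not an existing Tor or controller API."""

    def __init__(self, max_unauth, window_s, max_clients, tokens=()):
        self.max_unauth = max_unauth      # N unauthenticated approvals ...
        self.window_s = window_s          # ... per Y seconds (sliding window)
        self.max_clients = max_clients    # cap on simultaneous clients
        self.tokens = [t.encode() for t in tokens]  # tokens given to preferred users
        self.recent = deque()             # times of unauthenticated approvals
        self.active = 0                   # rendezvous circuits currently open

    def _token_ok(self, token):
        if token is None:
            return False
        presented = token.encode()
        ok = False
        # Compare against every issued token in constant time, with no early
        # exit, so timing does not reveal which token (if any) matched.
        for issued in self.tokens:
            ok |= hmac.compare_digest(presented, issued)
        return ok

    def approve(self, now, token=None):
        """Return (approved, reason) for a request arriving at time `now`."""
        # Assumption: the capacity cap protects the server, so it binds everyone.
        if self.active >= self.max_clients:
            return False, "capacity"
        reason = "token"
        if not self._token_ok(token):
            # Forget approvals that have aged out of the window.
            while self.recent and now - self.recent[0] >= self.window_s:
                self.recent.popleft()
            if len(self.recent) >= self.max_unauth:
                return False, "rate-limited"
            self.recent.append(now)
            reason = "unauthenticated"
        self.active += 1
        return True, reason

    def closed(self):
        """Call when an approved rendezvous circuit closes."""
        self.active = max(0, self.active - 1)
```

Denied requests are never counted against the window, so a flood of rejected attempts cannot extend the lockout for later clients.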

