[tor-bugs] #17773 [Core Tor/Tor]: Should clients avoid using guards that lost the Guard flag?

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jun 29 13:01:08 UTC 2016

#17773: Should clients avoid using guards that lost the Guard flag?
 Reporter:  arma               |          Owner:  arma
     Type:  enhancement        |         Status:  accepted
 Priority:  Medium             |      Milestone:  Tor: 0.2.???
Component:  Core Tor/Tor       |        Version:
 Severity:  Normal             |     Resolution:
 Keywords:  TorCoreTeam201606  |  Actual Points:
Parent ID:                     |         Points:  medium?
 Reviewer:                     |        Sponsor:

Comment (by asn):

 Replying to [comment:16 arma]:
 > Ok, I looked at the code again, and asn is right. We currently do the
 opposite of what I thought we did, and based on the discussions above, I
 think we should change our behavior to do what I thought we did.

 I also think that the idea of keeping non-Guard relays that were once your
 guard, has '''slightly''' better security properties than ditching them.

 I stressed slightly because I don't feel too strong about either way here.

 For an example of a negative edge case, consider a relay whose operator is
 no longer able to keep its uptime and it loses its guard flag. If that
 relay is flaky, any client that uses it will have to move to other guards
 when that relay is down, so the client will get exposed to more guards

 > Does this want a mini-proposal? How do we best proceed from here? Also,
 is this choice orthogonal to all the recent prop#259 work?

 Funny thing is that all prop259 versions so far (including nick's newest
 one) seem to suggest the current behavior. That is, upon receiving a fresh
 consensus, we stop using guards that have lost their Guard flag.

 If we think the other approach is better, we should lobby it to Nick for
 inclusion in his current proposal.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17773#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list