[tor-bugs] #18963 [Core Tor/Tor]: Download authority certificates even under blackholed authorities or fallbacks
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 4 05:31:15 UTC 2016
#18963: Download authority certificates even under blackholed authorities or
fallbacks
------------------------------+--------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.2.???
Component: Core Tor/Tor | Version: Tor: 0.2.8.1-alpha
Severity: Normal | Keywords: 029-proposed
Actual Points: | Parent ID:
Points: medium | Reviewer:
Sponsor: |
------------------------------+--------------------------------
Our fix for #18816 is still not great if a significant number of fallbacks
are blocked or blackholed.
There are a few options to deal with this:
* do what we do with the consensus, and try multiple, simultaneous
connections to both authorities and fallback directories, use the first
one that succeeds, and close the rest,
* if the connection to a fallback fails, try an authority (this still
doesn't help with blackholed fallbacks),
* or any of the other options arma mentions in #18816:
> Longer term (0.2.9 and later), I think we should explore a) having
directory_get_from_dirserver() notice that there are tls conns established
to dir mirrors that we just recently used (and prefer them), or b) trying
to explicitly remember the dir mirror that gave us the consensus and re-
use it, and/or c) designing a piggy-back mechanism so we can ask for "the
certs that go with this consensus" when we're fetching a consensus and we
know we will want the certs for it too (thus saving a round-trip).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18963>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list