[tor-bugs] #20082 [Core Tor/Tor]: Lower initial descriptor upload delay for ephemeral services

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Sep 6 11:37:24 UTC 2016 

#20082: Lower initial descriptor upload delay for ephemeral services
-------------------------------+------------------------------
 Reporter:  twim               |          Owner:
     Type:  enhancement        |         Status:  new
 Priority:  Medium             |      Milestone:  Tor: 0.2.???
Component:  Core Tor/Tor       |        Version:
 Severity:  Normal             |     Resolution:
 Keywords:  tor-hs, research,  |  Actual Points:
Parent ID:                     |         Points:
 Reviewer:                     |        Sponsor:  SponsorR-can
-------------------------------+------------------------------

Comment (by twim):

 Replying to [comment:1 asn]:
 > Have you tested that the actual delay here is about 30 seconds? I
 remember people saying that the whole `rend_consider_services_upload()`
 function is borked. I think that would be nice to verify.

 I did and it takes exactly 30 seconds. Yes, it is kind of unclear from the
 code that this delay will be actually 30 seconds.

 > Now, if we believe that this delay actually offers security and we
 reduce it for `ADD_ONION` services, why not reduce it for all services? We
 don't really know the threat model of all the people who use `ADD_ONION`,
 so I'm not sure if we should take such a global decision.

 But we don't know the actual security benefit of having it 30sec either.

 > I think that your sugestion of making this a parameter of `ADD_ONION`
 might be a good approach. Although this assumes that all the people who
 use `ADD_ONION` actually understand the security threats here, which is
 quite doubtful...

 Yes, but it requires more code. :) I proposed this approach to leave all
 the crazy logic only for those who need it.

 I think one should understand what delay should be set and *why* (maybe
 someone do and I don't). But if it still unclear it's better to go on with
 ADD_ONION flag.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20082#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list