tor directory servers / tor pki issues

Adam Shostack adam at
Mon Sep 23 22:20:11 UTC 2002

On Mon, Sep 23, 2002 at 05:23:53PM -0400, Roger Dingledine wrote:
| On Mon, Sep 23, 2002 at 05:16:43PM -0400, Adam Shostack wrote:
| > What's the uptime of a router?  We had routers that flapped, which
| > meant that the directory was out of date when you got it, which is
| > ugly.  The right fix is high reliability servers, but you also need to
| > accept that part of your directory may be out of date.
| Well, I think we need to have routers that are unlikely to be gone in
| the next hour. Specifically, given that users choose paths with 2 or
| more routers, we want the chance that *any* router in the path is down
| to be quite low.

Sure.  Do we?  Will we?

| Down the road, the directory server can maintain rudimentary statistics
| and choose not to list routers which are there but not reliable 'enough'.
| I've already fixed the onion proxy so it can distinguish between "you
| completed the connection to the webserver and then it closed" from "your
| connection closed and it hadn't made it to the exit node yet". In theory
| the onion proxy could automatically retry if the onion didn't work;
| is this a good idea or a bad idea?

Depends if you want security or reliability, I think.  If you get a
(possibly forged) TCP rst, then do you go to another node?  Can I move
you onto the nodes I own in that situation?


"It is seldom that liberty of any kind is lost all at once."

More information about the tor-dev mailing list