architectural proposal & technical problems

Roger Dingledine arma at mit.edu
Mon Apr 30 11:16:30 UTC 2007


On Fri, Apr 27, 2007 at 12:39:13PM -0400, Nick Mathewson wrote:
> >    Having the possibility to choose arbitrary exits within one
> >    circuit would also enable us to do the measurements on
> >    partial circuits. What do you think about that?
> 
> This should be do-able by modifying the control protocol to add an
> extra flag to ATTACHSTREAM, right?
> 
> That is, you'd have a controller listen for circuit and stream events.
> You'd tell the controller to build a circuit.  Then you'd launch a
> stream to localhost and say something like,
> 
>    ATTACHSTREAM (yourstream) (yourcircuit) HOP=2
> 
> to attach the stream to the second hop.  Then you'd time the delay
> between the ATTACHSTREAM and receiving the END cell.

I just implemented this:
http://archives.seul.org/or/cvs/Apr-2007/msg00137.html

It's not quite what Johannes wanted, because we currently still refuse to
attach to a 1-hop circuit, and now we also refuse to attach to the 1st
hop of a circuit. This is to discourage people from using Tor as a one
hop proxy, for the safety of our server operators (see paragraph 3 of
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#VariablePathLength).

Of course, it's not hard to change the code to take that check out
on the client side; and if you're doing the tests from a server
listed in the directory, the other Tor servers will likely let you
use a one-hop circuit. Is that good enough, or should we revisit the
client-disallows-single-hop-circuits-too idea?

Thanks,
--Roger
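
Added example (not part of the original message and not Tor's own code): a Python sketch of the measurement discussed above, which builds the ATTACHSTREAM line with the HOP= flag, mirrors the client-side refusal of the first hop, and times the gap until the stream ends. The function names, the log tuple format, and the choice of FAILED/CLOSED/DETACHED stream events as the controller-visible sign of the END cell are assumptions of this example; the sample session is constructed.

```python
import re

# Assumption of this example: the relay's END cell reaches the controller
# as one of these STREAM event statuses.
TERMINAL = {"FAILED", "CLOSED", "DETACHED"}
STREAM_EVENT = re.compile(r"^650 STREAM (\d+) (\S+) (\d+) (\S+)")

def attachstream(stream_id, circ_id, hop=None):
    """Build an ATTACHSTREAM line; refuse hop 1 as the client does."""
    if hop is None:
        return f"ATTACHSTREAM {stream_id} {circ_id}\r\n"
    if hop < 2:
        raise ValueError("refusing to attach to the first hop of a circuit")
    return f"ATTACHSTREAM {stream_id} {circ_id} HOP={hop}\r\n"

def hop_delay(log, stream_id, circ_id, hop):
    """Seconds from sending ATTACHSTREAM to the stream's terminal event.

    log holds (timestamp, direction, line); '>' is sent, '<' is received.
    Returns None if the command or the terminal event is missing.
    """
    want = attachstream(stream_id, circ_id, hop).strip()
    sent_at = None
    for ts, direction, line in log:
        if direction == ">" and line.strip() == want:
            sent_at = ts
        elif direction == "<" and sent_at is not None:
            m = STREAM_EVENT.match(line)
            if m and int(m.group(1)) == stream_id and m.group(2) in TERMINAL:
                return ts - sent_at
    return None

# Constructed sample controller session (not captured from a real Tor).
SAMPLE_LOG = [
    (100.000, "<", "650 STREAM 42 NEW 0 127.0.0.1:80"),
    (100.010, ">", "ATTACHSTREAM 42 7 HOP=2"),
    (100.012, "<", "250 OK"),
    (100.015, "<", "650 STREAM 42 SENTCONNECT 7 127.0.0.1:80"),
    (100.200, "<", "650 STREAM 43 CLOSED 5 example.com:80 REASON=DONE"),
    (100.395, "<", "650 STREAM 42 FAILED 7 127.0.0.1:80 "
                   "REASON=END REMOTE_REASON=EXITPOLICY"),
]

if __name__ == "__main__":
    print(f"delay to hop 2: {hop_delay(SAMPLE_LOG, 42, 7, 2):.3f}s")
```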


