141: exit policy summary

Thu Aug 14 12:39:57 UTC 2008

On Tue, 12 Aug 2008, Peter Palfrader wrote:

> On Tue, 12 Aug 2008, Nick Mathewson wrote:
> 
> > On Tue, Aug 12, 2008 at 01:00:53AM +0200, Peter Palfrader wrote:
> > > On Mon, 11 Aug 2008, Peter Palfrader wrote:
> > > 
> > > >   An exit policy summary will be included in votes and consensus as a
> > > >   new line attached to each exit node.  A lack of policy should indicate
> > > >   a non-exit policy.  The line will have the format
> > > >    "p" <space> "accept"|"reject" <portlist>
> > > >   where portlist is a comma seperated list of single port numbers or
> > > >   portranges (e.g.  "22,80-88,1024-6000,6667").  Whether the summary
> > > >   shows the list of accepted ports or the list of rejected ports depends
> > > >   on which list is shorter (has less elements).  In case of ties we
> > >                                  s/less elements/a shorter string representation/
> > > >   choose the list of accepted ports.
> > 
> > I wonder if we shouldn't cap the length in order to keep people from
> > playing silly games to DOS the directory system with the likes of
> > 
> >    accept: 1,3,5,7,9,11,13,15,...
> 
> Didn't you recently introduce a maximum length for descriptors?

The spec now says to truncate lists at 1000 chars - which is still a
lot.

-- 
                           |  .''`.  ** Debian GNU/Linux **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/