Proposal 163: Detecting whether a connection comes from a client

Sebastian Hahn hahn.seb at
Sat Jun 6 00:24:56 UTC 2009

Hash: SHA1

Next part of the proposal feedback message flood:

On May 22, 2009, at 8:59 AM, Nick Mathewson wrote:
>   For these servers, we should attempt to build one or more test
>   circuits through them.  If enough of the circuits succeed, the
>   node is a real relay.  If not, it is probably a client.
>   While we are waiting for the test circuits to succeed, we should
>   allow a short grace period in which server privileges are
>   permitted.  When a test is done, we should remember its outcome
>   for a while, so we don't need to do it again.
> [snip]

>   If we can build circuits starting at a suspect node, but we don't
>   have enough information to try extending circuits elsewhere
>   through the node, should we conclude that the node is
>   "server-like" or not?

imo, that's not a server.

I think we should wait for servers to appear in the consensus during  
the first part of the 48 hours "we accept you as a relay" period  
(after we could extend circuits to the node). If they don't appear in  
that period, treat them as clients for the rest of the grace period.  
Drawback: Bridges won't be listed in the consensus, yet their  
bandwidth consumption might be legitimate since they can be serving  
many clients. Not sure where to draw the line here.
If we don't do something like that, someone can be act like a relay  
for 10 minutes and then stop being one, after two days, start the game  
again, etc.



More information about the tor-dev mailing list