[tor-dev] Proposal 214: Allow 4-byte circuit IDs in a new link protocol
Nick Mathewson
nickm at alum.mit.edu
Wed Nov 7 19:28:29 UTC 2012
On Wed, Nov 7, 2012 at 12:51 AM, Roger Dingledine <arma at mit.edu> wrote:
> On Tue, Nov 06, 2012 at 10:10:15PM -0500, Nick Mathewson wrote:
> > > And if a very few do, maybe the solution is to
> > > move to a new TLS connection for those rare cases, rather than impose
> > > a 2-byte penalty on every cell in all cases.)
> >
> > Maaaybe, but I sure can't think of a sane testable design for that. Can
> > you? To do this sanely, we'd need to negotiate this before we exchange
> any
> > actual data, and predict in advance that we'd want it. (We wouldn't want
> to
> > do it on-the-fly for connections that happen to have large numbers of
> > circuits: that way lies madness.)
> >
> > Also, I think those "rare cases" are communications between the busiest
> Tor
> > nodes. I think those communications might represent a reasonably large
> > fraction of total Tor bytes, such that having a fallback mode might not
> > save us so much.
>
> Ah. By "a new TLS connection", I didn't mean a new design or anything --
> I meant simply a second TLS connection.
I wouldn't feel very good about this route: there are enough places in our
design that assume one canonical OR connection with any given relay that
changing this assumption would be emphatically nontrivial and error-prone.
On the other hand, reports of circuid ID exhaustion might be premature; I
get no hits searching for "No unused circ IDs. Failing" except for our
source code. Has anybody seem that warning IRL?
--
Nick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20121107/79cf3d3a/attachment.html>
More information about the tor-dev
mailing list