[tor-dev] Memory usage of Tor daemon
Yawning Angel
yawning at schwanenlied.me
Fri May 20 20:43:49 UTC 2016
On Fri, 20 May 2016 12:03:59 -0400
Tim Wilson-Brown - teor <teor2345 at gmail.com> wrote:
> > On 20 May 2016, at 11:59, Yawning Angel <yawning at schwanenlied.me>
> > wrote:
> >
> > What's strange about it. The client does the path selection. To
> > build a circuit, the client must know the public keys/ip/port for
> > the entire path and the exit policy.
>
> Clients could get away with only knowing the key fingerprints for
> relays in their paths, except for their Guards, which are the only
> relays they connect to directly. (This might mean a protocol
> redesign, because I think we send IP and port as well as fingerprint
> at the moment.)

There's a reason why the EXTEND2 cells contain an IP/port, and also
why nodes don't enforce "traffic was from/is to something in the
consensus".

The current existing design requires exactly what I stated (Everything
required for a client to craft an `EXTEND2` cell with a ntor payload).

> But do we really need to?

No. The person is complaining about something with 16 MiB of
non-volatile storage anyway.

In general I would be against clever crypto based approaches to limit
the amount of data the client downloads, just because "client knows
everything and does path selection" is easy to reason
about/analyze/implement. Maybe in the extreme long term this will make
sense.

Regards,
--
Yawning Angel
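
Added example, not part of the original message and not Tor's own code: a Python serializer and parser for the EXTEND2 body layout in tor-spec, showing the per-hop data (IP, ORPort, identity fingerprint, ntor onion key) that the message says the client must hold. The function names and every sample value are constructed for illustration; client_pk stands in for the client's ephemeral curve25519 public key, which is not generated here.

```python
import ipaddress
import struct

LS_IPV4, LS_LEGACY_ID = 0x00, 0x02   # link specifier types (tor-spec)
HTYPE_NTOR = 0x0002                  # handshake type: ntor
NTOR_LEN = 20 + 32 + 32              # NODEID | KEYID | CLIENT_PK


def build_extend2(ip, port, fingerprint, ntor_key, client_pk):
    """Serialize an EXTEND2 body asking the current last hop to extend to a relay."""
    if len(fingerprint) != 20:
        raise ValueError("identity fingerprint must be 20 bytes")
    if len(ntor_key) != 32 or len(client_pk) != 32:
        raise ValueError("curve25519 public keys must be 32 bytes")
    if not 0 < port < 65536:
        raise ValueError("ORPort out of range")
    addr = ipaddress.IPv4Address(ip).packed + struct.pack("!H", port)
    specs = [(LS_IPV4, addr), (LS_LEGACY_ID, fingerprint)]
    body = bytes([len(specs)])                        # NSPEC
    for lstype, lspec in specs:                       # LSTYPE, LSLEN, LSPEC
        body += bytes([lstype, len(lspec)]) + lspec
    hdata = fingerprint + ntor_key + client_pk        # ntor client handshake
    return body + struct.pack("!HH", HTYPE_NTOR, len(hdata)) + hdata


def parse_extend2(body):
    """Parse an EXTEND2 body; raise ValueError on truncated or mis-sized input."""
    try:
        nspec, off, specs = body[0], 1, {}
        for _ in range(nspec):
            lstype, lslen = body[off], body[off + 1]
            specs[lstype] = body[off + 2:off + 2 + lslen]
            if len(specs[lstype]) != lslen:
                raise ValueError("truncated link specifier")
            off += 2 + lslen
        htype, hlen = struct.unpack_from("!HH", body, off)
    except (IndexError, struct.error):
        raise ValueError("truncated EXTEND2 body") from None
    hdata = body[off + 4:off + 4 + hlen]
    if len(hdata) != hlen or (htype == HTYPE_NTOR and hlen != NTOR_LEN):
        raise ValueError("bad handshake length")
    return specs, htype, hdata


if __name__ == "__main__":
    # Constructed sample values (documentation address, filler key bytes).
    cell = build_extend2("192.0.2.10", 9001, bytes(range(20)),
                         b"\xaa" * 32, b"\xbb" * 32)
    print(len(cell), parse_extend2(cell)[0])
```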