[tor-dev] Reducing initial onion descriptor upload delay (down to 0s?)

Ivan Markin twim at riseup.net
Thu Sep 8 10:36:00 UTC 2016


teor:
>>  * Can we set it back to 5s thus avoiding issues that can arise after
>> removing the delay?
> 
> Let's base the delay on the amount of time it takes for a HS descriptor to stabilise.
> This is the situation we're trying to prevent:
> * the HS opens all its intro point circuits
> * it sends its descriptor
> * one of the intro points fails
> * it sends another descriptor
> 
> If this hardly ever happens in the first 30 seconds, we likely don't need any delay at all.
> But how could we measure how frequent this is, and how long it takes?

IMO an onion service should publish its first descriptor instantly. If
something happens afterwards and one has to fix the descriptor - deal
with it with backoff/delay to prevent DoS on HSDirs.
I think that most of the ephemeral services are not going to use more
than one descriptor. Moreover, they are going to use just one
introduction point. So it's not a big deal if one of the published IPs
fails since a client is going to use one of the rest.
Also note the reachability issue I mentioned.

> It would be nice to have this change in 0.2.9 for Single Onion
> Services and I think also for HSs with OnionBalance

Same here. Most of the stuff that uses ADD_ONION is meant to set up onion
services instantly but has to wait 'until descriptor gets published'.
30s is too much.

--
Ivan Markin
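
Added example, not part of the original message and not tor's code: a small model of the upload policies discussed above (a fixed delay before the first upload versus an instant first upload with backoff on re-uploads), run over a constructed timeline of intro point changes. The function names, the 10 s backoff base and the 60 s cap are assumptions chosen for illustration.

```c
#include <stdio.h>

#define MAX_UPLOADS 16

/* Hypothetical model, not tor's code. dirty[0] is the time (s) the descriptor
 * is first ready; later entries are times an intro point change makes the
 * published copy stale. Sorted ascending. Returns the upload count. */
int plan_uploads(const double *dirty, int n, double first_delay,
                 double backoff, double backoff_cap, double *out, int cap)
{
    int i = 0, uploads = 0;
    double last = 0.0;

    while (i < n && uploads < cap) {
        double when = dirty[i];
        if (uploads == 0) {
            when += first_delay;           /* delay applied to first upload only */
        } else {
            if (when < last + backoff)     /* re-upload too soon: hold it back */
                when = last + backoff;
            backoff *= 2.0;                /* exponential backoff, capped */
            if (backoff > backoff_cap)
                backoff = backoff_cap;
        }
        while (i < n && dirty[i] <= when)  /* coalesce changes seen by then */
            i++;
        out[uploads++] = last = when;
    }
    return uploads;
}

/* Constructed sample: ready at 0 s, intro points replaced at 4 s, 6 s, 40 s. */
static const double SAMPLE[] = {0.0, 4.0, 6.0, 40.0};

int run_sample(double first_delay, double backoff, double *out)
{
    return plan_uploads(SAMPLE, 4, first_delay, backoff, 60.0, out, MAX_UPLOADS);
}

int main(void)
{
    double t[MAX_UPLOADS];
    int n = run_sample(30.0, 0.0, t);      /* fixed 30 s initial delay */
    printf("30s delay:       %d uploads, first at %.0fs\n", n, t[0]);
    n = run_sample(0.0, 0.0, t);           /* instant, no rate limit */
    printf("instant:         %d uploads, first at %.0fs\n", n, t[0]);
    n = run_sample(0.0, 10.0, t);          /* instant first, 10 s backoff */
    printf("instant+backoff: %d uploads, first at %.0fs\n", n, t[0]);
    return 0;
}
```

On this timeline the instant-plus-backoff policy makes one more upload to the HSDirs than the fixed 30 s delay, but the first descriptor goes out at 0 s instead of 30 s.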

