[tor-dev] Proposal #291 Properties (was IRC meeting)

teor teor2345 at gmail.com
Thu Apr 26 22:16:47 UTC 2018

> On 25 Apr 2018, at 18:30, Mike Perry <mikeperry at torproject.org> wrote:
> 1. Hidden service use can't push you over to an unused guard (at all).
>  2. Hidden service use can't influence your choice of guard (at all).
>  3. Exits and websites can't push you over to an unused guard (at all)
>  4. DoS/Guard node downtime signals are rare (absent)
>  5. Nodes are not reused for Guard and Exit positions ("any" positions)
>  6. Information about the guard(s) does not leak to the website/RP (at all).
>  7. Relays in the same family can't be forced to correlate Exit traffic.

I think this list is missing some important user-visible properties, or it's
not clear which property above corresponds to these properties:

* Is Tor reliable and responsive when guards go down, or when I move
  networks, or when I have lost and regained service?

I also think it's missing an implicit property, which we should make explicit:

* Can Tor users be fingerprinted by their set of guards or directory guards?

Perhaps this property is out of scope.


More information about the tor-dev mailing list