dos: Add changes file for ticket 24902

Signed-off-by: David Goulet <dgoulet@torproject.org>

1 files changed, 13 insertions, 0 deletions

diff --git a/changes/ticket24902 b/changes/ticket24902
new file mode 100644
index 0000000000..1a2ef95cc9
--- /dev/null
+++ b/changes/ticket24902
@@ -0,0 +1,13 @@
+  o Major features (denial of service mitigation):
+    - Give relays some defenses against the recent network overload. We start
+      with three defenses (default parameters in parentheses). First: if a
+      single client address makes too many concurrent connections (>100), hang
+      up on further connections. Second: if a single client address makes
+      circuits too quickly (more than 3 per second, with an allowed burst of
+      90) while also having too many connections open (3), refuse new create
+      cells for the next while (1-2 hours). Third: if a client asks to
+      establish a rendezvous point to you directly, ignore the request. These
+      defenses can be manually controlled by new torrc options, but relays
+      will also take guidance from consensus parameters, so there's no need to
+      configure anything manually. Implements ticket 24902.
+