Introduce vanguards-lite subsystem and some of its entry points

Co-authored-by: Mike Perry <mikeperry-git@torproject.org>
author: George Kadianakis <desnacked@riseup.net> 2021-07-01 17:42:34 +0300
committer: George Kadianakis <desnacked@riseup.net> 2021-07-01 18:15:55 +0300
commit: 314a6b42c59c7d9ea240b758ccffd796963efd0f (patch)
tree: 0fefab4b7fabf6ec93ae6772e95265caa5ee1e53 /changes
parent: e71db3a4be1cab933f721d63d4ed98f50dddd7c0 (diff)
download: tor-314a6b42c59c7d9ea240b758ccffd796963efd0f.tar.gz
tor-314a6b42c59c7d9ea240b758ccffd796963efd0f.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/changes/ticket40363 b/changes/ticket40363
new file mode 100644
index 0000000000..240cbf8680
--- /dev/null
+++ b/changes/ticket40363
@@ -0,0 +1,9 @@
+  o Major features (Proposal 332, onion services, guard selection algorithm):
+    - Clients and onion services now choose four long-lived "layer 2" guard
+      relays for use as the middle hop in all onion circuits.  These relays are
+      kept in place for a randomized duration averaging 1 week each. This
+      mitigates guard discovery attacks against clients and short-lived onion
+      services such as OnionShare. Long-lived onion services that need high
+      security should still use the Vanguards addon
+      (https://github.com/mikeperry-tor/vanguards). Closes ticket 40363;
+      implements proposal 332.
author	George Kadianakis <desnacked@riseup.net>	2021-07-01 17:42:34 +0300
committer	George Kadianakis <desnacked@riseup.net>	2021-07-01 18:15:55 +0300
commit	314a6b42c59c7d9ea240b758ccffd796963efd0f (patch)
tree	0fefab4b7fabf6ec93ae6772e95265caa5ee1e53 /changes
parent	e71db3a4be1cab933f721d63d4ed98f50dddd7c0 (diff)
download	tor-314a6b42c59c7d9ea240b758ccffd796963efd0f.tar.gz tor-314a6b42c59c7d9ea240b758ccffd796963efd0f.zip