diff options
author | Nick Mathewson <nickm@torproject.org> | 2016-08-26 13:48:26 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-08-26 13:48:26 -0400 |
commit | 68177157137e97359511cdf86675af2df3a3628c (patch) | |
tree | 7a938fe2a3235d0386407d2b088c0626ed012d9d /proposals/272-valid-and-running-by-default.txt | |
parent | 6561a518eeb5611731c37f3238fb0bc8888b76dc (diff) | |
download | torspec-68177157137e97359511cdf86675af2df3a3628c.tar.gz torspec-68177157137e97359511cdf86675af2df3a3628c.zip |
Add a proposal for a better way to do 266
Diffstat (limited to 'proposals/272-valid-and-running-by-default.txt')
-rw-r--r-- | proposals/272-valid-and-running-by-default.txt | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/proposals/272-valid-and-running-by-default.txt b/proposals/272-valid-and-running-by-default.txt new file mode 100644 index 0000000..7e14b6b --- /dev/null +++ b/proposals/272-valid-and-running-by-default.txt @@ -0,0 +1,59 @@ +Filename: 272-valid-and-running-by-default.txt +Title: Listed routers should be Valid, Running, and treated as such +Created: 26 Aug 2016 +Author: Nick Mathewson +Status: Open + +1. Introduction and proposal. + + This proposal describes a change in how clients understand consensus + flags, and how authorities vote on consensuses. + +1.1. Authority-side changes + + Back in proposal 138, we made it so that non-Running routers were not + included in the consensus documents. We should do the same with the + Valid flag. Specifically, after voting, if the authorities find that + a router would not receive the Valid flag, they should not include it + at all. + + This will require the allocation of a new consensus method, since it + is a change in how consensuses are made from votes. + + In the most recent consensus, it will affect exactly 1 router. + +1.2. Client-side changes + + I propose that clients should consider every listed router to be + listed as Running and Valid if any consensus method above or higher + is in use. + +2. Benefits + + Removing the notion of listed but invalid routers will remove an + opportunity for error, and let us remove some client side code. + + More interestingly, the above changes would allow us to eventually + stop including the Running and Valid flags, thereby providing an + authority-side way to feature-gate clients off of the Tor network + without a fast-zombie problem. (See proposal 266 for discussion.) + + +A. An additional possible change + + Perhaps authorities might also treat BadExit like they treat the + absence of Valid and Running: as sufficient reason to not include a + router in the consensus. Right now, there are only 4 listed BadExit + routers in the consensus, amounting to a small fraction of total + bandwidth. + + Making this change would allow us to remove the client-side badexit + logic. + + +B. Does this solve the zombie problem? + + I tested it a little, and it does seem to be a way to make even the + most ancient consensus-understanding Tors stop fetching descriptors + and using the network. More testing needed though. + |