diff options
| author | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2015-11-20 11:25:41 +1100 |
|---|---|---|
| committer | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2015-11-20 11:27:37 +1100 |
| commit | 07de4f0ef9ba0d623de31816b55bfe76606d1a9f (patch) | |
| tree | ceab0ef73888ea1406ddf47bc6040be91aa8bda4 /proposals/ideas | |
| parent | b38f1e8b6c47653639dd903103a8a245285ada2c (diff) | |
| download | torspec-07de4f0ef9ba0d623de31816b55bfe76606d1a9f.tar.gz torspec-07de4f0ef9ba0d623de31816b55bfe76606d1a9f.zip | |
Update RSOS proposal: RendPostPeriod and other option recommendations
Diffstat (limited to 'proposals/ideas')
| -rw-r--r-- | proposals/ideas/xxx-rend-single-onion.txt | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/proposals/ideas/xxx-rend-single-onion.txt b/proposals/ideas/xxx-rend-single-onion.txt index 5cfbe1a..d402618 100644 --- a/proposals/ideas/xxx-rend-single-onion.txt +++ b/proposals/ideas/xxx-rend-single-onion.txt @@ -174,13 +174,21 @@ Status: Draft The default PredictedPortsRelevanceTime setting creates additional, unnecessary connections. - RendPostPeriod 0 seconds - This option typically hides the startup time of a hidden service by - randomly posting over a 2 hour period. Since single onion services - value speed over anonymity, they can post descriptors straight away. - (Actually, 30 seconds after they bootstrap, for descriptor stability.) + High-churn / quick-failover RSOS using descriptor competition strategies + should consider setting the following option: - However, we do not recommend setting the following option to 1, unless bug + RendPostPeriod 600 seconds + Refresh onion service descriptors, choosing an interval between + 0 and 2*RendPostPeriod. Tor also posts descriptors on bootstrap, and + when they change. + (Strictly, 30 seconds after they first change, for descriptor + stability.) + + XX - Reduce the minimum RendPostPeriod for RSOS to 1 minute? + XX - Make the initial post 30 + rand(1*rendpostperiod) ? + (Avoid thundering herd, but don't hide startup time) + + However, we do NOT recommend setting the following option to 1, unless bug #17359 is resolved so tor onion services can bootstrap without predicted circuits. @@ -198,6 +206,9 @@ Status: Draft service tor instance. Since tor runs as a client (and not a relay) by default, rendezvous single onion service operators should set: + XX - George says we don't allow operators to run HS/Relay any more, + or that we warn them. + SocksPort 0 Disallow connections from client applications to the tor network via this tor instance. |