diff options
author | Nick Mathewson <nickm@torproject.org> | 2023-11-06 09:47:20 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2023-11-06 09:47:20 -0500 |
commit | 8a37a5e8b1b823f789043ed171f5164d3d31466a (patch) | |
tree | 0677053b97f5211cde79d48c07bbdd94ac974160 /spec/path-spec/when-we-build.md | |
parent | 0aac4f216ce3a5f9a0064b7f71a6bd78deb7b270 (diff) | |
download | torspec-8a37a5e8b1b823f789043ed171f5164d3d31466a.tar.gz torspec-8a37a5e8b1b823f789043ed171f5164d3d31466a.zip |
path-spec: replace most section-number-based links.
Diffstat (limited to 'spec/path-spec/when-we-build.md')
-rw-r--r-- | spec/path-spec/when-we-build.md | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/spec/path-spec/when-we-build.md b/spec/path-spec/when-we-build.md index cbcf7da..7130978 100644 --- a/spec/path-spec/when-we-build.md +++ b/spec/path-spec/when-we-build.md @@ -9,8 +9,14 @@ There's a class of possible attacks where our directory servers only give us information about the relays that they would like us to use. To prevent this attack, we don't build multi-hop -circuits for real traffic (like those in 2.1.1, 2.1.2, 2.1.4 -below) until we have enough directory information to be +circuits +(including +[preemptive circuits](#preemptive), +[on-demand circuits(#on-demand), +[onion-service circuits](#onion-service)] +or [self-testing testing circuits](#self-test)) +for real traffic +until we have enough directory information to be reasonably confident this attack isn't being done to us. Here, "enough" directory information is defined as: @@ -59,7 +65,7 @@ fraction of middle relays. <a id="path-spec.txt-2.1.1"></a> -## Clients build circuits preemptively +## Clients build circuits preemptively {#preemptive} When running as a client, Tor tries to maintain at least a certain number of clean circuits, so that new streams can be handled @@ -94,7 +100,7 @@ persistent medium. <a id="path-spec.txt-2.1.2"></a> -## Clients build circuits on demand +## Clients build circuits on demand {#on-demand} Additionally, when a client request exists that no circuit (built or pending) might support, we create a new circuit to support the request. @@ -110,11 +116,13 @@ If a circuit has been "dirty" for at least MaxCircuitDirtiness seconds, new circuits may not be attached to it. In some cases we can reuse an already established circuit if it's -clean; see Section 2.3 (cannibalizing circuits) for details. +clean; see ["cannibalizing circuits"](./cannibalizing-circuits.md) + +for details. <a id="path-spec.txt-2.1.3"></a> -## Relays build circuits for testing reachability and bandwidth +## Relays build circuits for testing reachability and bandwidth {#self-test} Tor relays test reachability of their ORPort once they have successfully built a circuit (on startup and whenever their IP address @@ -137,7 +145,7 @@ this purpose. <a id="path-spec.txt-2.1.4"></a> -## Hidden-service circuits +## Hidden-service circuits {#onion-service} See section 4 below. @@ -145,8 +153,9 @@ See section 4 below. ## Rate limiting of failed circuits -If we fail to build a circuit N times in a X second period (see Section -2.3 for how this works), we stop building circuits until the X seconds +If we fail to build a circuit N times in a X second period +(see ["Handling failure"](./handling-failure.md) +for how this works), we stop building circuits until the X seconds have elapsed. XXXX |