diff options
Diffstat (limited to 'proposals/272-valid-and-running-by-default.txt')
-rw-r--r-- | proposals/272-valid-and-running-by-default.txt | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/proposals/272-valid-and-running-by-default.txt b/proposals/272-valid-and-running-by-default.txt new file mode 100644 index 0000000..7e14b6b --- /dev/null +++ b/proposals/272-valid-and-running-by-default.txt @@ -0,0 +1,59 @@ +Filename: 272-valid-and-running-by-default.txt +Title: Listed routers should be Valid, Running, and treated as such +Created: 26 Aug 2016 +Author: Nick Mathewson +Status: Open + +1. Introduction and proposal. + + This proposal describes a change in how clients understand consensus + flags, and how authorities vote on consensuses. + +1.1. Authority-side changes + + Back in proposal 138, we made it so that non-Running routers were not + included in the consensus documents. We should do the same with the + Valid flag. Specifically, after voting, if the authorities find that + a router would not receive the Valid flag, they should not include it + at all. + + This will require the allocation of a new consensus method, since it + is a change in how consensuses are made from votes. + + In the most recent consensus, it will affect exactly 1 router. + +1.2. Client-side changes + + I propose that clients should consider every listed router to be + listed as Running and Valid if any consensus method above or higher + is in use. + +2. Benefits + + Removing the notion of listed but invalid routers will remove an + opportunity for error, and let us remove some client side code. + + More interestingly, the above changes would allow us to eventually + stop including the Running and Valid flags, thereby providing an + authority-side way to feature-gate clients off of the Tor network + without a fast-zombie problem. (See proposal 266 for discussion.) + + +A. An additional possible change + + Perhaps authorities might also treat BadExit like they treat the + absence of Valid and Running: as sufficient reason to not include a + router in the consensus. Right now, there are only 4 listed BadExit + routers in the consensus, amounting to a small fraction of total + bandwidth. + + Making this change would allow us to remove the client-side badexit + logic. + + +B. Does this solve the zombie problem? + + I tested it a little, and it does seem to be a way to make even the + most ancient consensus-understanding Tors stop fetching descriptors + and using the network. More testing needed though. + |