Age | Commit message | Author |
|
Document an onionbalance (?) behavior wrt missing newlines.
See merge request tpo/core/torspec!152
|
|
explain implementation details from #40805 fix
See merge request tpo/core/torspec!151
|
|
C Tor tolerates this; Arti didn't (until arti!1389).
Also see !109, where we noted a different occurrence of this
problem.
|
|
cert-spec: specify unit for EXPIRATION_DATE
See merge request tpo/core/torspec!147
|
|
Prop#324: Clarify that we use TOR_VEGAS and cwnd-RTT BDP estimation
See merge request tpo/core/torspec!150
|
|
Also remove the deprecated cc_bdp_alg param, and update the cc_alg param
description.
|
|
bandwidth-file: Add ratios KeyValues in RelayLines
Closes #210
See merge request tpo/core/torspec!149
|
|
and network bandwidth averages KeyValues in the Header.
Closes #210
|
|
cert-spec: improve signature formulation
See merge request tpo/core/torspec!146
|
|
The unit for the EXPIRATION_DATE field in the Rsa->Ed25519
cross-certificates is HOURS after the epoch.
This, however, is not mentioned in the specification so far, thereby
fixing it.
|
|
I personally had a hard time implementing the signature validation in Ed25519
certificates, as I have misinterpreted it as signing only the first 64 bytes.
I hope that this patch puts more clearance into the material.
|
|
tor-spec: provide pseudocode for digest check
Closes #205
See merge request tpo/core/torspec!143
|
|
This commit implements a pseudocode example for the digest in both the
encryption and decryption cases.
The pseudocode itself is a combination of Python code and the Rust
slice type.
Fixes #205
|
|
Change KISTSchedRunInterval range and default; add KISTSchedRunIntervalClient
See merge request tpo/core/torspec!144
|
|
This adds a paragraph describing the checks hidden service directories
are supposed to perform before accepting a descriptor upload.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
|
|
Document channel padding stop timeout field values
See merge request tpo/core/torspec!142
|
|
rend-spec: document MAC_KEY_LEN=32.
See merge request tpo/core/torspec!141
|
|
rend-spec: Clarify that "exactly the same contents" means "exactly".
Closes #189
See merge request tpo/core/torspec!120
|
|
I UTSL C-tor and it memsets the thing to zero and then fails to write
these timeout fields.
We should recommend that other implementations do the same.
|
|
We use this constant in various places throughout the document
but we never say what it is.
|
|
Reason behind this is to simplify the negotiation of this feature. A
ntorv3 handshake is in the fast path of circuit creation and minimizing
any parsing and on the wire binary size is a win.
Furthermore, this prevents us from going into a complex code path of version
negotiation where either side can be tricked into using another older
version.
We also do NOT expect to ever end up in a situation where one side sends
packed cells but not the other.
And so, this change simplifies everything and reflects the approach we
took with congestion control as well. Future change of packed/fragmented
relay cells will be possible through a new ntorv3 extension and a Relay
protover.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Introduce an optional header called the "message routing header" which
contains a `stream_id` and is only present for commands that do require
it.
We also specify that if an unrecognized command is encountered, the
circuit MUST be destroyed immediately.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
These layers use SHA3 instead of SHA1 and AES256 instead of AES128.
Their SENDME tags are made with SHA3 too, but they are truncated to
20 bytes.
Closes #204.
|
|
tor-spec: inform about RELAY_EARLY in EXTEND(2)
See merge request tpo/core/torspec!135
|
|
Also clarify that the main reason we may need to tune it is because of
on-and-off attack patterns of large size.
|
|
Also link to the updated sim, and remove old sections of Tor Browser UX
from before we had auto-difficulty.
|
|
It is just rate limiting. We could apply real Prop324 congestion control to
the intro circuit, but so far we have not done so.
|
|
This makes numerous small changes, but also adds some larger blocks of
explanation that are written based on the finalized design.
Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
|
|
EXTEND/EXTEND2 cells MUST only be sent through RELAY_EARLY cells, as
demanded by section 5.6.
This commit informs about this in the section of the EXTEND/EXTEND2
cells, as the current formulation contradicts the one in 5.6 to some
degree.
|
|
These were generated using a patched Tor with extra logging info.
I've used them to validate (and find bugs in) the arti hs-ntor
implementation. (See arti!1189.)
|