From 1f161ba229c34d4c54620cc04ec9467fe397a9af Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Tue, 26 Sep 2023 19:22:29 +0000 Subject: Prop265 Status Update --- proposals/265-load-balancing-with-overhead.txt | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/proposals/265-load-balancing-with-overhead.txt b/proposals/265-load-balancing-with-overhead.txt index e79d0a1..c6e6ba6 100644 --- a/proposals/265-load-balancing-with-overhead.txt +++ b/proposals/265-load-balancing-with-overhead.txt @@ -2,8 +2,27 @@ Filename: 265-load-balancing-with-overhead.txt Title: Load Balancing with Overhead Parameters Authors: Mike Perry Created: 01 January 2016 -Status: Accepted -Target: 0.2.9.x +Status: Open +Target: arti-dirauth + +NOTE: This is one way to address several load balancing problems in Tor, +including padding overhead and Exit+Guard issues. However, before attempting +this, we should see if we can simplify the equations further by changing how +we assign Guard, Fast and Stable flags in the first place. If we assign Guard +flags such that Guards are properly allocated wrt Middle and Fast, and avoid +assigning Guard to Exit, this will become simpler. Unfortunately, this is +literally impossible to fix with C-Tor. In adition to numerous overrides and +disparate safety checks that prevent changes, several bugs mean that Guard, +Stable, and Fast flags are randomly assigned: See: + https://gitlab.torproject.org/tpo/core/tor/-/issues/40230 + https://gitlab.torproject.org/tpo/core/tor/-/issues/40395 + https://gitlab.torproject.org/tpo/core/tor/-/issues/19162 + https://gitlab.torproject.org/tpo/core/tor/-/issues/40733 + https://gitlab.torproject.org/tpo/network-health/analysis/-/issues/45 + https://gitlab.torproject.org/tpo/core/torspec/-/issues/100 + https://gitlab.torproject.org/tpo/core/torspec/-/issues/160 + https://gitlab.torproject.org/tpo/core/torspec/-/issues/158 + 0. Motivation -- cgit v1.2.3-54-g00ecf 
From 66f23aa519d3914d2c13a05e1e164d15a5023cd2 Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Tue, 26 Sep 2023 19:27:14 +0000 Subject: Prop282: Mark for arti-dirauth --- proposals/282-remove-named-from-consensus.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/282-remove-named-from-consensus.txt b/proposals/282-remove-named-from-consensus.txt index 7fc28f0..eeef519 100644 --- a/proposals/282-remove-named-from-consensus.txt +++ b/proposals/282-remove-named-from-consensus.txt @@ -3,7 +3,7 @@ Title: Remove "Named" and "Unnamed" handling from consensus voting Author: Nick Mathewson Created: 12-Sep-2017 Status: Accepted -Target: 0.3.3.x +Target: arti-dirauth 1. Summary -- cgit v1.2.3-54-g00ecf From fc6c4ce7ffcf6cd9fdc129e98dcd649ffd8e36e3 Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Tue, 26 Sep 2023 19:28:13 +0000 Subject: Prop285: Target arti-dirauth --- proposals/285-utf-8.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/proposals/285-utf-8.txt b/proposals/285-utf-8.txt index c393e46..cb7bab4 100644 --- a/proposals/285-utf-8.txt +++ b/proposals/285-utf-8.txt @@ -3,6 +3,8 @@ Title: Directory documents should be standardized as UTF-8 Author: Nick Mathewson Created: 13 November 2017 Status: Accepted +Target: arti-dirauth +Ticket: https://gitlab.torproject.org/tpo/core/tor/-/issues/40131 1. Summary and motivation -- cgit v1.2.3-54-g00ecf From 21c0c08b613ed403f4e2ed83cc658b7361afca7b Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Tue, 26 Sep 2023 19:28:52 +0000 Subject: Prop327: Finished (implemented in C-Tor) --- proposals/327-pow-over-intro.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/327-pow-over-intro.txt b/proposals/327-pow-over-intro.txt index db17c06..bcaf6f3 100644 --- a/proposals/327-pow-over-intro.txt +++ b/proposals/327-pow-over-intro.txt 
@@ -2,7 +2,7 @@ Filename: 327-pow-over-intro.txt Title: A First Take at PoW Over Introduction Circuits Author: George Kadianakis, Mike Perry, David Goulet, tevador Created: 2 April 2020 -Status: Draft +Status: Finished 0. Abstract -- cgit v1.2.3-54-g00ecf From 1b62a02231edf0be499dbd7570bdbda94482463a Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Tue, 26 Sep 2023 19:35:29 +0000 Subject: Prop324: Mark Finished and update sendme_inc prose --- proposals/324-rtt-congestion-control.txt | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/proposals/324-rtt-congestion-control.txt b/proposals/324-rtt-congestion-control.txt index 582c54d..4235be8 100644 --- a/proposals/324-rtt-congestion-control.txt +++ b/proposals/324-rtt-congestion-control.txt @@ -2,7 +2,7 @@ Filename: 324-rtt-congestion-control.txt Title: RTT-based Congestion Control for Tor Author: Mike Perry Created: 02 July 2020 -Status: Open +Status: Finished 0. Motivation [MOTIVATION] @@ -2148,7 +2148,7 @@ The client MUST reject an ntorv3 reply with field EXT_FIELD_TYPE=02, if the client did not include EXT_FIELD_TYPE=01 in its handshake. The client SHOULD reject a sendme_inc field value that differs from the -current 'cc_sendme_inc' consensus parameter by more than a factor of 2, in +current 'cc_sendme_inc' consensus parameter by more than +/- 1, in either direction. If a client rejects a handshake, it MUST close the circuit. @@ -2159,8 +2159,7 @@ The pedantic reader will note that a rogue consensus can cause all clients to decide to close circuits by changing 'cc_sendme_inc' by a large margin. As a matter of policy, the directory authorities MUST NOT change -'cc_sendme_inc' by more than a factor of two (2), within a four (4) hour -window, for this reason. +'cc_sendme_inc' by more than +/- 1. In Shadow simulation, the optimal 'cc_sendme_inc' value to be ~31 cells, or one (1) TLS record worth of cells. We do not expect to change this value -- cgit v1.2.3-54-g00ecf 
From 00281f88f53ef4c73221bc7429359eef0b5aa178 Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Tue, 26 Sep 2023 20:03:10 +0000 Subject: Prop#329: Finished --- proposals/329-traffic-splitting.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/329-traffic-splitting.txt b/proposals/329-traffic-splitting.txt index 93655f0..2a24f1f 100644 --- a/proposals/329-traffic-splitting.txt +++ b/proposals/329-traffic-splitting.txt @@ -2,7 +2,7 @@ Filename: 329-traffic-splitting.txt Title: Overcoming Tor's Bottlenecks with Traffic Splitting Author: David Goulet, Mike Perry Created: 2020-11-25 -Status: Needs-Revision +Status: Finished 0. Status -- cgit v1.2.3-54-g00ecf From 1c55d984b4e8de910181a8463fc48e0db75ae556 Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Tue, 26 Sep 2023 20:05:53 +0000 Subject: Prop#291: Finished --- proposals/291-two-guard-nodes.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/291-two-guard-nodes.txt b/proposals/291-two-guard-nodes.txt index a9554c6..56424cc 100644 --- a/proposals/291-two-guard-nodes.txt +++ b/proposals/291-two-guard-nodes.txt @@ -3,7 +3,7 @@ Title: The move to two guard nodes Author: Mike Perry Created: 2018-03-22 Supersedes: Proposal 236 -Status: Needs-Revision +Status: Finished 0. Background -- cgit v1.2.3-54-g00ecf From 92b596009012860898ee0975e7b626245632dace Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Tue, 26 Sep 2023 20:29:13 +0000 Subject: Run re-index script --- proposals/000-index.txt | 24 ++++++++++++------------ proposals/BY_INDEX.md | 10 +++++----- proposals/README.md | 10 +++++----- 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/proposals/000-index.txt b/proposals/000-index.txt index 3cee3ae..ff6bf8b 100644 --- a/proposals/000-index.txt +++ b/proposals/000-index.txt 
@@ -185,7 +185,7 @@ Proposals by number: 262 Re-keying live circuits with new cryptographic material [RESERVE] 263 Request to change key exchange protocol for handshake v1.2 [OBSOLETE] 264 Putting version numbers on the Tor subprotocols [CLOSED] -265 Load Balancing with Overhead Parameters [ACCEPTED] +265 Load Balancing with Overhead Parameters [OPEN] 266 Removing current obsolete clients from the Tor network [SUPERSEDED] 267 Tor Consensus Transparency [OPEN] 268 New Guard Selection Behaviour [OBSOLETE] @@ -211,7 +211,7 @@ Proposals by number: 288 Privacy-Preserving Statistics with Privcount in Tor (Shamir version) [RESERVE] 289 Authenticating sendme cells to mitigate bandwidth attacks [CLOSED] 290 Continuously update consensus methods [META] -291 The move to two guard nodes [NEEDS-REVISION] +291 The move to two guard nodes [FINISHED] 292 Mesh-based vanguards [ACCEPTED] 293 Other ways for relays to know when to publish [CLOSED] 294 TLS 1.3 Migration [DRAFT] @@ -244,12 +244,12 @@ Proposals by number: 321 Better performance and usability for the MyFamily option (v2) [ACCEPTED] 322 Extending link specifiers to include the directory port [OPEN] 323 Specification for Walking Onions [OPEN] -324 RTT-based Congestion Control for Tor [OPEN] +324 RTT-based Congestion Control for Tor [FINISHED] 325 Packed relay cells: saving space on small commands [OBSOLETE] 326 The "tor-relay" Well-Known Resource Identifier [OPEN] -327 A First Take at PoW Over Introduction Circuits [DRAFT] +327 A First Take at PoW Over Introduction Circuits [FINISHED] 328 Make Relays Report When They Are Overloaded [CLOSED] -329 Overcoming Tor's Bottlenecks with Traffic Splitting [NEEDS-REVISION] +329 Overcoming Tor's Bottlenecks with Traffic Splitting [FINISHED] 330 Modernizing authority contact entries [OPEN] 331 Res tokens: Anonymous Credentials for Onion Service DoS Resilience [DRAFT] 332 Ntor protocol with extra data, version 3 [FINISHED] 
@@ -272,7 +272,6 @@ Proposals by status: DRAFT: 294 TLS 1.3 Migration 316 FlashFlow: A Secure Speed Test for Tor (Parent Proposal) - 327 A First Take at PoW Over Introduction Circuits 331 Res tokens: Anonymous Credentials for Onion Service DoS Resilience 342 Decoupling hs_interval and SRV lifetime NEEDS-REVISION: @@ -282,12 +281,11 @@ Proposals by status: 248 Remove all RSA identity keys 269 Transitionally secure hybrid handshakes 279 A Name System API for Tor Onion Services - 291 The move to two guard nodes 317 Improve security aspects of DNS name resolution - 329 Overcoming Tor's Bottlenecks with Traffic Splitting OPEN: 239 Consensus Hash Chaining 240 Early signing key revocation for directory authorities + 265 Load Balancing with Overhead Parameters [for arti-dirauth] 267 Tor Consensus Transparency 277 Detect multiple relay instances running with same ID [for 0.3.??] 287 Reduce circuit lifetime without overloading the network @@ -297,7 +295,6 @@ Proposals by status: 309 Optimistic SOCKS Data 322 Extending link specifiers to include the directory port 323 Specification for Walking Onions - 324 RTT-based Congestion Control for Tor 326 The "tor-relay" Well-Known Resource Identifier 330 Modernizing authority contact entries 340 Packed and fragmented relay messages @@ -305,9 +302,8 @@ Proposals by status: 343 CAA Extensions for the Tor Rendezvous Specification 344 Prioritizing Protocol Information Leaks in Tor ACCEPTED: - 265 Load Balancing with Overhead Parameters [for 0.2.9.x] - 282 Remove "Named" and "Unnamed" handling from consensus voting [for 0.3.3.x] - 285 Directory documents should be standardized as UTF-8 + 282 Remove "Named" and "Unnamed" handling from consensus voting [for arti-dirauth] + 285 Directory documents should be standardized as UTF-8 [for arti-dirauth] 292 Mesh-based vanguards 301 Don't include package fingerprints in consensus documents 311 Tor Relay IPv6 Reachability 
@@ -324,6 +320,10 @@ Proposals by status: 290 Continuously update consensus methods FINISHED: 260 Rendezvous Single Onion Services [in 0.2.9.3-alpha] + 291 The move to two guard nodes + 324 RTT-based Congestion Control for Tor + 327 A First Take at PoW Over Introduction Circuits + 329 Overcoming Tor's Bottlenecks with Traffic Splitting 332 Ntor protocol with extra data, version 3 333 Vanguards lite [in 0.4.7.1-alpha] CLOSED: diff --git a/proposals/BY_INDEX.md b/proposals/BY_INDEX.md index 6a54205..c0ab2d8 100644 --- a/proposals/BY_INDEX.md +++ b/proposals/BY_INDEX.md @@ -182,7 +182,7 @@ Below are a list of proposals sorted by their proposal number. See * [`262-rekey-circuits.txt`](/proposals/262-rekey-circuits.txt): Re-keying live circuits with new cryptographic material [RESERVE] * [`263-ntru-for-pq-handshake.txt`](/proposals/263-ntru-for-pq-handshake.txt): Request to change key exchange protocol for handshake v1.2 [OBSOLETE] * [`264-subprotocol-versions.txt`](/proposals/264-subprotocol-versions.txt): Putting version numbers on the Tor subprotocols [CLOSED] -* [`265-load-balancing-with-overhead.txt`](/proposals/265-load-balancing-with-overhead.txt): Load Balancing with Overhead Parameters [ACCEPTED] +* [`265-load-balancing-with-overhead.txt`](/proposals/265-load-balancing-with-overhead.txt): Load Balancing with Overhead Parameters [OPEN] * [`266-removing-current-obsolete-clients.txt`](/proposals/266-removing-current-obsolete-clients.txt): Removing current obsolete clients from the Tor network [SUPERSEDED] * [`267-tor-consensus-transparency.txt`](/proposals/267-tor-consensus-transparency.txt): Tor Consensus Transparency [OPEN] * [`268-guard-selection.txt`](/proposals/268-guard-selection.txt): New Guard Selection Behaviour [OBSOLETE] 
@@ -208,7 +208,7 @@ Below are a list of proposals sorted by their proposal number. See * [`288-privcount-with-shamir.txt`](/proposals/288-privcount-with-shamir.txt): Privacy-Preserving Statistics with Privcount in Tor (Shamir version) [RESERVE] * [`289-authenticated-sendmes.txt`](/proposals/289-authenticated-sendmes.txt): Authenticating sendme cells to mitigate bandwidth attacks [CLOSED] * [`290-deprecate-consensus-methods.txt`](/proposals/290-deprecate-consensus-methods.txt): Continuously update consensus methods [META] -* [`291-two-guard-nodes.txt`](/proposals/291-two-guard-nodes.txt): The move to two guard nodes [NEEDS-REVISION] +* [`291-two-guard-nodes.txt`](/proposals/291-two-guard-nodes.txt): The move to two guard nodes [FINISHED] * [`292-mesh-vanguards.txt`](/proposals/292-mesh-vanguards.txt): Mesh-based vanguards [ACCEPTED] * [`293-know-when-to-publish.txt`](/proposals/293-know-when-to-publish.txt): Other ways for relays to know when to publish [CLOSED] * [`294-tls-1.3.txt`](/proposals/294-tls-1.3.txt): TLS 1.3 Migration [DRAFT] 
@@ -241,12 +241,12 @@ Below are a list of proposals sorted by their proposal number. See * [`321-happy-families.md`](/proposals/321-happy-families.md): Better performance and usability for the MyFamily option (v2) [ACCEPTED] * [`322-dirport-linkspec.md`](/proposals/322-dirport-linkspec.md): Extending link specifiers to include the directory port [OPEN] * [`323-walking-onions-full.md`](/proposals/323-walking-onions-full.md): Specification for Walking Onions [OPEN] -* [`324-rtt-congestion-control.txt`](/proposals/324-rtt-congestion-control.txt): RTT-based Congestion Control for Tor [OPEN] +* [`324-rtt-congestion-control.txt`](/proposals/324-rtt-congestion-control.txt): RTT-based Congestion Control for Tor [FINISHED] * [`325-packed-relay-cells.md`](/proposals/325-packed-relay-cells.md): Packed relay cells: saving space on small commands [OBSOLETE] * [`326-tor-relay-well-known-uri-rfc8615.md`](/proposals/326-tor-relay-well-known-uri-rfc8615.md): The "tor-relay" Well-Known Resource Identifier [OPEN] -* [`327-pow-over-intro.txt`](/proposals/327-pow-over-intro.txt): A First Take at PoW Over Introduction Circuits [DRAFT] +* [`327-pow-over-intro.txt`](/proposals/327-pow-over-intro.txt): A First Take at PoW Over Introduction Circuits [FINISHED] * [`328-relay-overload-report.md`](/proposals/328-relay-overload-report.md): Make Relays Report When They Are Overloaded [CLOSED] -* [`329-traffic-splitting.txt`](/proposals/329-traffic-splitting.txt): Overcoming Tor's Bottlenecks with Traffic Splitting [NEEDS-REVISION] +* [`329-traffic-splitting.txt`](/proposals/329-traffic-splitting.txt): Overcoming Tor's Bottlenecks with Traffic Splitting [FINISHED] * [`330-authority-contact.md`](/proposals/330-authority-contact.md): Modernizing authority contact entries [OPEN] * [`331-res-tokens-for-anti-dos.md`](/proposals/331-res-tokens-for-anti-dos.md): Res tokens: Anonymous Credentials for Onion Service DoS Resilience [DRAFT] * 
[`332-ntor-v3-with-extra-data.md`](/proposals/332-ntor-v3-with-extra-data.md): Ntor protocol with extra data, version 3 [FINISHED] diff --git a/proposals/README.md b/proposals/README.md index 1ae4f56..4503667 100644 --- a/proposals/README.md +++ b/proposals/README.md @@ -22,6 +22,7 @@ for discussion. * [`239-consensus-hash-chaining.txt`](/proposals/239-consensus-hash-chaining.txt): Consensus Hash Chaining * [`240-auth-cert-revocation.txt`](/proposals/240-auth-cert-revocation.txt): Early signing key revocation for directory authorities +* [`265-load-balancing-with-overhead.txt`](/proposals/265-load-balancing-with-overhead.txt): Load Balancing with Overhead Parameters * [`267-tor-consensus-transparency.txt`](/proposals/267-tor-consensus-transparency.txt): Tor Consensus Transparency * [`277-detect-id-sharing.txt`](/proposals/277-detect-id-sharing.txt): Detect multiple relay instances running with same ID * [`287-reduce-lifetime.txt`](/proposals/287-reduce-lifetime.txt): Reduce circuit lifetime without overloading the network @@ -31,7 +32,6 @@ for discussion. * [`309-optimistic-socks-in-tor.txt`](/proposals/309-optimistic-socks-in-tor.txt): Optimistic SOCKS Data * [`322-dirport-linkspec.md`](/proposals/322-dirport-linkspec.md): Extending link specifiers to include the directory port * [`323-walking-onions-full.md`](/proposals/323-walking-onions-full.md): Specification for Walking Onions -* [`324-rtt-congestion-control.txt`](/proposals/324-rtt-congestion-control.txt): RTT-based Congestion Control for Tor * [`326-tor-relay-well-known-uri-rfc8615.md`](/proposals/326-tor-relay-well-known-uri-rfc8615.md): The "tor-relay" Well-Known Resource Identifier * [`330-authority-contact.md`](/proposals/330-authority-contact.md): Modernizing authority contact entries * [`340-packed-and-fragmented.md`](/proposals/340-packed-and-fragmented.md): Packed and fragmented relay messages 
@@ -46,7 +46,6 @@ These are the proposals that we agree we'd like to implement. They might or might not have a specific timeframe planned for their implementation. -* [`265-load-balancing-with-overhead.txt`](/proposals/265-load-balancing-with-overhead.txt): Load Balancing with Overhead Parameters * [`282-remove-named-from-consensus.txt`](/proposals/282-remove-named-from-consensus.txt): Remove "Named" and "Unnamed" handling from consensus voting * [`285-utf-8.txt`](/proposals/285-utf-8.txt): Directory documents should be standardized as UTF-8 * [`292-mesh-vanguards.txt`](/proposals/292-mesh-vanguards.txt): Mesh-based vanguards @@ -65,6 +64,10 @@ These proposals are implemented in some version of Tor; the proposals themselves still need to be merged into the specifications proper. * [`260-rend-single-onion.txt`](/proposals/260-rend-single-onion.txt): Rendezvous Single Onion Services +* [`291-two-guard-nodes.txt`](/proposals/291-two-guard-nodes.txt): The move to two guard nodes +* [`324-rtt-congestion-control.txt`](/proposals/324-rtt-congestion-control.txt): RTT-based Congestion Control for Tor +* [`327-pow-over-intro.txt`](/proposals/327-pow-over-intro.txt): A First Take at PoW Over Introduction Circuits +* [`329-traffic-splitting.txt`](/proposals/329-traffic-splitting.txt): Overcoming Tor's Bottlenecks with Traffic Splitting * [`332-ntor-v3-with-extra-data.md`](/proposals/332-ntor-v3-with-extra-data.md): Ntor protocol with extra data, version 3 * [`333-vanguards-lite.md`](/proposals/333-vanguards-lite.md): Vanguards lite 
@@ -100,7 +103,6 @@ discussion. * [`294-tls-1.3.txt`](/proposals/294-tls-1.3.txt): TLS 1.3 Migration * [`316-flashflow.md`](/proposals/316-flashflow.md): FlashFlow: A Secure Speed Test for Tor (Parent Proposal) -* [`327-pow-over-intro.txt`](/proposals/327-pow-over-intro.txt): A First Take at PoW Over Introduction Circuits * [`331-res-tokens-for-anti-dos.md`](/proposals/331-res-tokens-for-anti-dos.md): Res tokens: Anonymous Credentials for Onion Service DoS Resilience * [`342-decouple-hs-interval.md`](/proposals/342-decouple-hs-interval.md): Decoupling hs_interval and SRV lifetime @@ -116,9 +118,7 @@ certain changes. * [`248-removing-rsa-identities.txt`](/proposals/248-removing-rsa-identities.txt): Remove all RSA identity keys * [`269-hybrid-handshake.txt`](/proposals/269-hybrid-handshake.txt): Transitionally secure hybrid handshakes * [`279-naming-layer-api.txt`](/proposals/279-naming-layer-api.txt): A Name System API for Tor Onion Services -* [`291-two-guard-nodes.txt`](/proposals/291-two-guard-nodes.txt): The move to two guard nodes * [`317-secure-dns-name-resolution.txt`](/proposals/317-secure-dns-name-resolution.txt): Improve security aspects of DNS name resolution -* [`329-traffic-splitting.txt`](/proposals/329-traffic-splitting.txt): Overcoming Tor's Bottlenecks with Traffic Splitting ## NEEDS-RESEARCH proposals: blocking on research -- cgit v1.2.3-54-g00ecf
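Review bot: In the NOTE added to proposals/265-load-balancing-with-overhead.txt, "In adition to numerous overrides" misspells "addition", and the eight issue links after "See:" give no indication of which ticket covers which of the Guard, Stable, and Fast assignment bugs. Fix the spelling and add a few words per link, or group the links by flag, so a reader can check the "randomly assigned" claim without opening every ticket.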
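Review bot: In the first changed paragraph of proposals/324-rtt-congestion-control.txt (hunk at -2148), "by more than +/- 1, in either direction" states the direction twice and leaves the unit implicit. Suggest "by more than 1 in either direction", and say in the same sentence that a difference of exactly 1 is accepted, since the next sentence requires the client to close the circuit when it rejects a handshake.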
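Review bot: The rewritten policy sentence in proposals/324-rtt-congestion-control.txt (hunk at -2159), "MUST NOT change 'cc_sendme_inc' by more than +/- 1.", drops the "within a four (4) hour window" bound without a replacement, so it no longer says over what interval the limit applies. The client rule in the previous hunk now rejects any value more than +/- 1 from the current consensus parameter and closes the circuit, so state the interval explicitly (for example, between consecutive consensuses) and keep a clause tying the limit to the rogue-consensus concern in the preceding sentence, now that "for this reason" has been removed.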
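Review bot: In the FINISHED list of proposals/000-index.txt (hunk at -324), the four added entries 291, 324, 327 and 329 carry no version annotation, while 260 and 333 in the same list show "[in 0.2.9.3-alpha]" and "[in 0.4.7.1-alpha]". The index is regenerated by script, so the fix belongs in the proposal headers: record the release each proposal was implemented in alongside the Status change. The Prop327 commit subject says "implemented in C-Tor", but its header hunk changes only the Status line.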