From 11f831834b94a5eef65828914dd8d504af4c96d1 Mon Sep 17 00:00:00 2001 From: Gabriela Moldovan Date: Tue, 5 Mar 2024 19:50:21 +0000 Subject: param-spec: Document the vanguard params. This documents the 3 [vanguard-related parameters] currently supported by C Tor. Note: Arti will support full vanguards too, so we may want to also add parameters for configuring the third layer of guards. [vanguard-related parameters]: https://gitlab.torproject.org/tpo/core/tor/-/blob/2d19050ef9f2612aab826fe2973dd9fab1df8438/src/feature/client/entrynodes.c#L4126-4159 --- spec/param-spec.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'spec') diff --git a/spec/param-spec.md b/spec/param-spec.md index cd0af5e..45cc7f0 100644 --- a/spec/param-spec.md +++ b/spec/param-spec.md @@ -340,6 +340,19 @@ First appeared: 0.4.2.1-alpha. +## Vanguard parameters {#vanguards} + +"vanguards-lite-enabled" -- Enable the vanguards-lite subsystem + +"guard-hs-l2-number" -- The number of guards in the L2 guardset +Min: 1. Max: INT32_MAX. Default: 4 + +"guard-hs-l2-lifetime-min" -- The minimum lifetime of L2 guards +Min: 1. Max: INT32_MAX. Default: 86400 (1 day) + +"guard-hs-l2-lifetime-max" -- The maximum lifetime of L2 guards +Min: 1. Max: INT32_MAX. Default: 1036800 (12 days) + ## Denial-of-service parameters {#dos} Denial of Service mitigation parameters. Introduced in 0.3.3.2-alpha: -- cgit v1.2.3-54-g00ecf From ddc6c6a35203952c50885c0a9bed2ff65d39cb91 Mon Sep 17 00:00:00 2001 From: Gabriela Moldovan Date: Mon, 25 Mar 2024 12:26:31 +0000 Subject: param-spec: Document the guard-hs-l3-* params. --- spec/param-spec.md | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'spec') diff --git a/spec/param-spec.md b/spec/param-spec.md index 45cc7f0..13c0550 100644 --- a/spec/param-spec.md +++ b/spec/param-spec.md @@ -353,6 +353,15 @@ Min: 1. Max: INT32_MAX. Default: 86400 (1 day) "guard-hs-l2-lifetime-max" -- The maximum lifetime of L2 guards Min: 1. Max: INT32_MAX. Default: 1036800 (12 days) +"guard-hs-l3-number" -- The number of guards in the L3 guardset +Min: 1. Max: INT32_MAX. Default: 8 + +"guard-hs-l3-lifetime-min" -- The minimum lifetime of L3 guards +Min: 1. Max: INT32_MAX. Default: 3600 (1 hour) + +"guard-hs-l3-lifetime-max" -- The maximum lifetime of L3 guards +Min: 1. Max: INT32_MAX. Default: 172800 (48 hours) + ## Denial-of-service parameters {#dos} Denial of Service mitigation parameters. Introduced in 0.3.3.2-alpha: -- cgit v1.2.3-54-g00ecf From 144c6954d8e7ca0f2d2f198379a9e8b2aea753f8 Mon Sep 17 00:00:00 2001 From: Gabriela Moldovan Date: Mon, 25 Mar 2024 12:41:38 +0000 Subject: param-spec: Make vanguards-enabled a tristate, add vanguards-hs-service. Prompted by https://gitlab.torproject.org/tpo/core/torspec/-/merge_requests/258#note_3011734 --- spec/param-spec.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'spec') diff --git a/spec/param-spec.md b/spec/param-spec.md index 13c0550..daa70f9 100644 --- a/spec/param-spec.md +++ b/spec/param-spec.md @@ -342,7 +342,22 @@ First appeared: 0.4.2.1-alpha. ## Vanguard parameters {#vanguards} -"vanguards-lite-enabled" -- Enable the vanguards-lite subsystem +```text + "vanguards-enabled" -- The type of vanguards to use by default when + building onion service circuits + 0: No vanguards. + 1: Lite vanguards. + 2: Full vanguards. +``` + +```text + "vanguards-hs-service" -- If higher than vanguards-enabled, and we are + running an onion service, we use this level for all our onion service + circuits + 0: No vanguards. + 1: Lite vanguards. + 2: Full vanguards. +``` "guard-hs-l2-number" -- The number of guards in the L2 guardset Min: 1. Max: INT32_MAX. Default: 4 -- cgit v1.2.3-54-g00ecf