Opened 4 years ago

Last modified 8 months ago

#17728 new enhancement

Use NETINFO handshake rather than date header to check time with authorities — at Version 7

Reported by: teor
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version:
Severity: Normal
Keywords: tor-client easy time bootstrap
Cc: dmr
Actual Points:
Parent ID: #9675
Points:
Reviewer:
Sponsor:

Description (last modified by teor)

tor currently checks its clock against the directory authorities by reading the HTTP date header in the directory documents.

In #15775, we allow clients to bootstrap using fallback directories, rather than authorities.

In #4483, we make multiple connections, and use the first connection that starts downloading. If there are multiple connections downloading, we favour authority connections, so that tor can still get a clock check.

But if tor used the date from the TLS handshake, it could get directory documents from a fallback directory, and abort authority connections sooner. This would place less load on the authorities.

This would be similar to the tlsdate implementation:

Edited: Look at the netinfo cell, not the TLS handshake. -- nickm

Change History (7)

comment:1 Changed 4 years ago by nickm

That date is sent in the clear, and recent TLS implementations will randomize it. But the NETINFO cell should have a view of the current time.

comment:2 Changed 4 years ago by teor

Parent ID: #9675

comment:3 Changed 3 years ago by nickm

Description: modified (diff)
Summary: changed from "Use TLS handshake rather than date header to check time with authorities" to "Use NETINFO handshake rather than date header to check time with authorities"

comment:4 Changed 3 years ago by isabela

Milestone: changed from "Tor: 0.2.9.x-final" to "Tor: 0.2.???"

tickets marked to be removed from milestone 029

comment:5 Changed 3 years ago by teor

Milestone: changed from "Tor: 0.2.???" to "Tor: 0.3.???"

Milestone renamed

comment:6 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: changed from "Tor: 0.3.???" to "Tor: unspecified"

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:7 Changed 2 years ago by teor

Description: modified (diff)

Clarify that this ticket is about efficiency, allowing clients to stop authority connections after the NETINFO cell, rather than downloading directory documents to check the time.

(This could be complex, because we don't want to cancel the non-authority connections, and then have to start again.)
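The clock check this ticket proposes, sketched as an added example that is not part of the ticket and is not Tor's own code: it reads the TIME field from a NETINFO payload (layout per tor-spec: 4-byte big-endian TIME, OTHERADDR, NMYADDR, MYADDRs), rejects truncated payloads, and reports the skew against the local clock. The function names, the sample payload and the 3600-second limit are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample payload: TIME=1600000000, OTHERADDR=IPv4 192.0.2.1,
 * NMYADDR=1, MYADDR=IPv4 198.51.100.7. Not captured from a real relay. */
static const uint8_t SAMPLE[] = { 0x5F,0x5E,0x10,0x00, 0x04,0x04,192,0,2,1,
                                  0x01, 0x04,0x04,198,51,100,7 };

/* Skip one address (ATYPE, ALEN, AVAL[ALEN]); return new offset, 0 if short. */
static size_t skip_addr(const uint8_t *p, size_t len, size_t off)
{
    if (len < 2 || off > len - 2) return 0;
    size_t alen = p[off + 1];
    off += 2;
    return (alen > len - off) ? 0 : off + alen;
}

/* Read TIME and walk the address fields so that a truncated or malformed
 * payload is rejected rather than trusted. Returns 0 if ok, -1 if bad. */
int netinfo_peer_time(const uint8_t *p, size_t len, uint32_t *peer_time)
{
    if (len < 4) return -1;
    *peer_time = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    size_t off = skip_addr(p, len, 4);            /* OTHERADDR */
    if (off == 0 || off >= len) return -1;        /* no room for NMYADDR */
    unsigned n = p[off++];
    while (n--)                                   /* MYADDRs */
        if ((off = skip_addr(p, len, off)) == 0) return -1;
    return 0;
}

/* Returns 1 if |peer - local| exceeds limit seconds, 0 if within it, and -1
 * if TIME is 0 (no timestamp sent). *skew > 0 means the peer is ahead. */
int netinfo_skewed(uint32_t peer_time, int64_t local_now, int64_t limit, int64_t *skew)
{
    if (peer_time == 0) return -1;
    *skew = (int64_t)peer_time - local_now;
    return (*skew > limit || *skew < -limit) ? 1 : 0;
}

int main(void)
{
    uint32_t t = 0; int64_t skew = 0;
    int ok = netinfo_peer_time(SAMPLE, sizeof SAMPLE, &t);
    int r = netinfo_skewed(t, 1600000000LL - 7200, 3600, &skew); /* assumed limit */
    printf("peer_time=%u skewed=%d skew=%lld\n", (unsigned)t, r, (long long)skew);
    return ok == 0 ? 0 : 1;
}
```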
