Opened 3 years ago
Last modified 8 months ago
#23980 new enhancement
Provide torrc option to kill hidden service circuits after $TIMEOUT, $NUM_BYTES, or guard changes.
| Reported by: | mikeperry | Owned by: | |
|---|---|---|---|
| Priority: | Medium | Milestone: | Tor: unspecified |
| Component: | Core Tor/Tor | Version: | |
| Severity: | Normal | Keywords: | guard-discovery-stats, 034-triage-20180328, 034-removed-20180328 |
| Cc: | mikeperry | Actual Points: | |
| Parent ID: | Points: | ||
| Reviewer: | Sponsor: |
Description
HTTP hidden services and other short-lived protocols do not need to keep their circuits open very long. Somewhere between 10min and 1 hour ought to be plenty. Since long-lived circuits are a vector for guard discovery (see #22728), we should provide a torrc option to set a max hidden service circuit lifetime.
Note that making this timeout too low effectively enables new forms of #20212, so we should err towards an hour for the timeout here until that fix is landed.
Child Tickets
Change History (11)
comment:1 Changed 3 years ago by
| Keywords: | guard-discovery-stats added; guard-discovery removed |
|---|
comment:2 Changed 3 years ago by
| Owner: | set to mikeperry |
|---|---|
| Status: | new → assigned |
comment:3 Changed 3 years ago by
| Summary: | Provide torrc option to kill hidden service circuits after $TIMEOUT → Provide torrc option to kill hidden service circuits after $TIMEOUT, $NUM_BYTES, or guard changes. |
|---|
Other useful optional kill conditions include:
- After a certain number of bytes (like a multiplier of a website's expected page size) have been sent on the circuit. Read and write should be separate params, since many services have much more data going in one direction than the other.
- After the vanguard/pinned middle stops being used.
comment:4 Changed 3 years ago by
| Milestone: | Tor: 0.3.3.x-final → Tor: 0.3.4.x-final |
|---|
comment:5 Changed 3 years ago by
| Keywords: | 034-triage-20180328 added |
|---|
comment:6 Changed 3 years ago by
| Keywords: | 034-removed-20180328 added |
|---|
Per our triage process, these tickets are pending removal from 0.3.4.
comment:7 Changed 3 years ago by
| Milestone: | Tor: 0.3.4.x-final → Tor: unspecified |
|---|
These tickets, tagged with 034-removed-*, are no longer in-scope for 0.3.4. We can reconsider any of them, if time permits.
comment:8 Changed 17 months ago by
Removing sponsor V as we do not have more time to include this tickets in the sponsor.
comment:9 Changed 17 months ago by
| Sponsor: | SponsorV-can |
|---|
Removing sponsor from tickets that we do not have time to fit in the remain of this sponsorship.
comment:10 Changed 16 months ago by
| Cc: | mikeperry added |
|---|---|
| Owner: | mikeperry deleted |
comment:11 Changed 8 months ago by
| Status: | assigned → new |
|---|
Change tickets that are assigned to nobody to "new".
I can take this one, probably in December.