Opened 2 years ago

Last modified 3 months ago

#23980 assigned enhancement

Provide torrc option to kill hidden service circuits after $TIMEOUT, $NUM_BYTES, or guard changes.

Reported by: mikeperry Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: guard-discovery-stats, 034-triage-20180328, 034-removed-20180328
Cc: mikeperry Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

HTTP hidden services and other short-lived protocols do not need to keep their circuits open very long. Somewhere between 10min and 1 hour ought to be plenty. Since long-lived circuits are a vector for guard discovery (see #22728), we should provide a torrc option to set a max hidden service circuit lifetime.

Note that making this timeout too low effectively enables new forms of #20212, so we should err towards an hour for the timeout here until that fix is landed.

Child Tickets

Change History (10)

comment:1 Changed 2 years ago by mikeperry

Keywords: guard-discovery-stats added; guard-discovery removed

comment:2 Changed 22 months ago by mikeperry

Owner: set to mikeperry
Status: newassigned

I can take this one, probably in December.

comment:3 Changed 20 months ago by mikeperry

Summary: Provide torrc option to kill hidden service circuits after $TIMEOUTProvide torrc option to kill hidden service circuits after $TIMEOUT, $NUM_BYTES, or guard changes.

Other useful optional kill conditions include:

  1. After a certain number of bytes (like a multiplier of a website's expected page size) have been sent on the circuit.
  2. After the vanguard/pinned middle stops being used.
Version 0, edited 20 months ago by mikeperry (next)

comment:4 Changed 20 months ago by dgoulet

Milestone: Tor: 0.3.3.x-finalTor: 0.3.4.x-final

comment:5 Changed 18 months ago by nickm

Keywords: 034-triage-20180328 added

comment:6 Changed 18 months ago by nickm

Keywords: 034-removed-20180328 added

Per our triage process, these tickets are pending removal from 0.3.4.

comment:7 Changed 18 months ago by nickm

Milestone: Tor: 0.3.4.x-finalTor: unspecified

These tickets, tagged with 034-removed-*, are no longer in-scope for 0.3.4. We can reconsider any of them, if time permits.

comment:8 Changed 4 months ago by gaba

Removing sponsor V as we do not have more time to include this tickets in the sponsor.

comment:9 Changed 4 months ago by gaba

Sponsor: SponsorV-can

Removing sponsor from tickets that we do not have time to fit in the remain of this sponsorship.

comment:10 Changed 3 months ago by gaba

Cc: mikeperry added
Owner: mikeperry deleted
Note: See TracTickets for help on using tickets.