Opened 22 months ago

Last modified 8 weeks ago

#23980 assigned enhancement

Provide torrc option to kill hidden service circuits after $TIMEOUT, $NUM_BYTES, or guard changes.

Reported by: mikeperry Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: guard-discovery-stats, 034-triage-20180328, 034-removed-20180328
Cc: mikeperry Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

HTTP hidden services and other short-lived protocols do not need to keep their circuits open very long. Somewhere between 10min and 1 hour ought to be plenty. Since long-lived circuits are a vector for guard discovery (see #22728), we should provide a torrc option to set a max hidden service circuit lifetime.

Note that making this timeout too low effectively enables new forms of #20212, so we should err towards an hour for the timeout here until that fix is landed.

Child Tickets

Change History (10)

comment:1 Changed 22 months ago by mikeperry

Keywords: guard-discovery-stats added; guard-discovery removed

comment:2 Changed 21 months ago by mikeperry

Owner: set to mikeperry
Status: newassigned

I can take this one, probably in December.

comment:3 Changed 19 months ago by mikeperry

Summary: Provide torrc option to kill hidden service circuits after $TIMEOUTProvide torrc option to kill hidden service circuits after $TIMEOUT, $NUM_BYTES, or guard changes.

Other useful optional kill conditions include:

  1. After a certain number of bytes (like a multiplier of a website's expected page size) have been sent on the circuit. Read and write should be separate params, since many services have much more data going in one direction than the other.
  2. After the vanguard/pinned middle stops being used.
Last edited 19 months ago by mikeperry (previous) (diff)

comment:4 Changed 19 months ago by dgoulet

Milestone: Tor: 0.3.3.x-finalTor: 0.3.4.x-final

comment:5 Changed 17 months ago by nickm

Keywords: 034-triage-20180328 added

comment:6 Changed 17 months ago by nickm

Keywords: 034-removed-20180328 added

Per our triage process, these tickets are pending removal from 0.3.4.

comment:7 Changed 17 months ago by nickm

Milestone: Tor: 0.3.4.x-finalTor: unspecified

These tickets, tagged with 034-removed-*, are no longer in-scope for 0.3.4. We can reconsider any of them, if time permits.

comment:8 Changed 3 months ago by gaba

Removing sponsor V as we do not have more time to include this tickets in the sponsor.

comment:9 Changed 3 months ago by gaba

Sponsor: SponsorV-can

Removing sponsor from tickets that we do not have time to fit in the remain of this sponsorship.

comment:10 Changed 8 weeks ago by gaba

Cc: mikeperry added
Owner: mikeperry deleted
Note: See TracTickets for help on using tickets.