Opened 8 months ago

Last modified 8 months ago

#24932 new defect

Onionoo should stop parsing untrusted descriptors

Reported by: teor Owned by: metrics-team
Priority: Low Milestone:
Component: Metrics/Onionoo Version:
Severity: Minor Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Split off #22488.

Sometimes Onionoo will parse a descriptor that hasn't appeared in any consensus. Descriptors are not trusted until they are in a consensus. They might have the wrong details. This means that Onionoo can have the wrong details.

This is not a big deal. It just takes a bit more time for users to work out where the problem is. Sometimes the problem is on the directory authorities (example: #24864). And sometimes it is in the relay config.

Child Tickets

Change History (1)

comment:1 Changed 8 months ago by karsten

Indeed, this is worth considering.

Right now, we're parsing all descriptors and only keeping the one with highest publication time. And we're telling users in the specification when a piece of information comes from the latest known server descriptor vs. from a more authoritative source.

However, here's why this might be a bit trickier to implement than it seems: we're processing server descriptors and consensuses in separate streams, and we're not making any assumption on the order in which we process them. Right now we can immediately discard a server descriptor if we already processed a new server descriptor before. But if we want to keep the server descriptor that is last referenced from a consensus, we might end up keeping many, many server descriptors. Some relays are really busy publishing new descriptors, possibly due to bugs, so this is some data that we'd have to store. We might apply some heuristics when we can safely discard a server descriptor. But this is a bit messy.

If this is actually simpler than I'm thinking right now, let's collect ideas on this ticket. Otherwise, it's indeed a low-priority ticket that we should work on after closing all the higher-priority tickets.

Thanks for opening this ticket!

Note: See TracTickets for help on using tickets.