Delivery-Date: Thu, 12 Feb 2015 08:31:56 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.5 required=5.0 tests=BAYES_00,
	RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,URIBL_BLOCKED
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id C9C041E0700
	for <archiver@seul.org>; Thu, 12 Feb 2015 08:31:54 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id EDBB6332A2;
	Thu, 12 Feb 2015 13:31:50 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 8E9A933142
 for <tor-talk@lists.torproject.org>; Thu, 12 Feb 2015 13:31:47 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id bLDeKkNCNQ9R for <tor-talk@lists.torproject.org>;
 Thu, 12 Feb 2015 13:31:47 +0000 (UTC)
Received: from whonix.org (unknown [IPv6:2001:4b98:dc0:41:216:3eff:fe81:b0b0])
 by eugeni.torproject.org (Postfix) with ESMTP id 6231B3275B
 for <tor-talk@lists.torproject.org>; Thu, 12 Feb 2015 13:31:47 +0000 (UTC)
Received: from 127.0.0.1 (master.bofh.zone [82.211.201.188])
 by whonix.org (Postfix) with ESMTPSA id C283E612
 for <tor-talk@lists.torproject.org>; Thu, 12 Feb 2015 14:31:42 +0100 (CET)
Message-ID: <54DCAB09.5040206@whonix.org>
Date: Thu, 12 Feb 2015 13:30:49 +0000
From: Patrick Schleizer <patrick-mailinglists@whonix.org>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <54D4FA72.2010402@riseup.net> <54D5432A.4080005@whonix.org>
 <20150210021715.GJ37920@moria.seul.org>
In-Reply-To: <20150210021715.GJ37920@moria.seul.org>
Subject: Re: [tor-talk] Using Tor Hidden Services as Time Source
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi Roger!

Roger Dingledine:
> The first problem you're going to have here is that hidden services
> don't work unless your time is approximately correct. So you will have a
> chicken-and-egg problem using them to get an accurate time if you don't
> already have one.

Indeed. This is something I am aware off. We're currently require the
time must be correct enough for Tor to start with. And then use the time
from hidden services for fine tuning and keeping the time current in the
long run. And for that use case, fetching time from hidden services
works well enough.

For the chicken-and-egg problem, there are more improvements to come in
future, that do not depend on using hidden services. Either using middle
of valid-after / valid-until and/or asking the user for the first rough
time fix and/or in future [when these features you speak about below are
added] asking Tor what the time is.

My primary concern was overloading the Tor network. But after having the
Tor network survive the millions of Tor clients by the botnet attack (
https://blog.torproject.org/blog/how-to-handle-millions-new-tor-clients
), and other much higher traffic hidden services use (C&C), I think it
was good to ask, but a non-issue.

> I really think the right thing to do is to teach Tor how to export what
> time it thinks it is (via the control port), and to teach Tor to go get
> some extra opinions from the directory authorities if it suspects that
> your time is wrong. These are those two tickets:
> https://trac.torproject.org/projects/tor/ticket/2628
> https://trac.torproject.org/projects/tor/ticket/3652
> Tor relays know what time it is, and some of them are quite trusted and
> trustworthy, and your Tor already talks to them and learns the time in
> a secure way.
> 
> There's some design work to be done still though.

Looking forward to it!

> Also, there are apparently some bugs in Tor where if you start Tor with
> a wrong clock, and then something externally fixes the clock to be right,
> Tor doesn't notice, or doesn't notice for a while.
> https://trac.torproject.org/projects/tor/ticket/8766
> I've just explored that one a bit more and posted a partial fix, but
> more issues likely remain.

Great!

Cheers,
Patrick

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

