30

We received an Atlas patch that adds tooltips to relay flags, so that relay operators can better understand what these flags mean. The patch author used dir-spec.txt as their guide. I wonder if these are good explanations, or if they should be closer to the spec or even implementation, or if they should be more general. Here are the suggestions:

  • BadExit: This relay breaks stuff, either maliciously or through misconfiguration.
  • Fast: This relay has lots of bandwidth available.
  • Guard: This relay is suitable to be the first hop (entry relay) in a Tor circuit.
  • HSDir: This relay is a v2 hidden service directory.
  • Named: This relay has a nickname.
  • Running: This relay has been online within the past 45 minutes.
  • Stable: This relay is considered stable.
  • V2Dir: This relay supports the v2 directory protocol.
  • Valid: This relay is running a version of Tor not known to be broken, and the directory authority has not blacklisted it as suspicious.
  • Unnamed: This relay's configured nickname is used by another relay.
  • Exit: This relay is configured to be the last hop (exit relay) in a Tor circuit.

Are there better phrasings for some/all of these?

Roya
karsten

3 Answers

14

So I discovered there are some decent one-liner descriptions written in the dir-spec.txt after all. I propose I yoink these verbatim:

"Authority" if the router is a directory authority.
"BadExit" if the router is believed to be useless as an exit node
   (because its ISP censors it, because it is behind a restrictive
   proxy, or for some similar reason).
"Exit" if the router is more useful for building
   general-purpose exit circuits than for relay circuits.  The
   path building algorithm uses this flag; see path-spec.txt.
"Fast" if the router is suitable for high-bandwidth circuits.
"Guard" if the router is suitable for use as an entry guard.
"HSDir" if the router is considered a v2 hidden service directory.
"NoEdConsensus" if any Ed25519 key in the router's descriptor or
   microdescriptor does not reflect authority consensus.
"Stable" if the router is suitable for long-lived circuits.
"Running" if the router is currently usable over all its published
   ORPorts. (Authorities ignore IPv6 ORPorts unless configured to
   check IPv6 reachability.) Relays without this flag are omitted
   from the consensus, and current clients (since 0.2.9.4-alpha)
   assume that every listed relay has this flag.
"Valid" if the router has been 'validated'. Clients before
   0.2.9.4-alpha would not use routers without this flag by
   default. Currently, relays without this flag are omitted
   from the consensus, and current (post-0.2.9.4-alpha) clients
   assume that every listed relay has this flag.
"V2Dir" if the router implements the v2 directory protocol or
   higher.
JustinBull
9

There's a good break-down of most of these at https://github.com/torproject/torspec/blob/master/dir-spec.txt

It doesn't cover your full list, but the ones it does cover are very clearly explained:

Authority

A router is called an ‘Authority’ if the authority generating the network-status document believes it is an authority.

Exit

A router is called an 'Exit' iff it allows exits to at least one /8 address space on each of ports 80 and 443. (Up until Tor version 0.3.2, the flag was assigned if relays exit to at least two of the ports 80, 443, and 6667.)

Fast

A router is 'Fast' if it is active, and its bandwidth is either in the top 7/8ths for known active routers or at least some minimum (20KB/s until 0.2.3.7-alpha, and 100KB/s after that).

Guard

A router is a possible 'Guard' if its Weighted Fractional Uptime is at least the median for “familiar” active routers, and if its bandwidth is at least median or at least 250KB/s.

To calculate weighted fractional uptime, compute the fraction of time that the router is up in any given day, weighting so that downtime and uptime in the past counts less.

A node is 'familiar' if 1/8 of all active nodes have appeared more recently than it, OR it has been around for a few weeks.

HSDir

A router is a v2 hidden service directory if it stores and serves v2 hidden service descriptors, and the authority believes that it’s been up for at least 25 hours (or the current value of MinUptimeHidServDirectoryV2).

Named

Directory authority administrators may decide to support name binding. If they do, then they must maintain a file of nickname-to-identity-key mappings, and try to keep this file consistent with other directory authorities. If they don’t, they act as clients, and report bindings made by other directory authorities (name X is bound to identity Y if at least one binding directory lists it, and no directory binds X to some other Y’.) A router is called 'Named' if the router believes the given name should be bound to the given key.

Two strategies exist on the current network for deciding on values for the Named flag. In the original version, relay operators were asked to send nickname-identity pairs to a mailing list of Naming directory authorities’ operators. The operators were then supposed to add the pairs to their mapping files; in practice, they didn’t get to this often.

Newer Naming authorities run a script that registers routers in their mapping files once the routers have been online at least two weeks, no other router has that nickname, and no other router has wanted the nickname for a month. If a router has not been online for six months, the router is removed.

Running

A router is 'Running' if the authority managed to connect to it successfully within the last 45 minutes.

Stable

A router is 'Stable' if it is active, and either its Weighted MTBF is at least the median for known active routers or its Weighted MTBF corresponds to at least 7 days. Routers are never called Stable if they are running a version of Tor known to drop circuits stupidly. (0.1.1.10-alpha through 0.1.1.16-rc are stupid this way.)

To calculate weighted MTBF, compute the weighted mean of the lengths of all intervals when the router was observed to be up, weighting intervals by $\alpha^n$, where $n$ is the amount of time that has passed since the interval ended, and $\alpha$ is chosen so that measurements over approximately one month old no longer influence the weighted MTBF much. [XXXX what happens when we have less than 4 days of MTBF info.]

Unnamed

Directory authorities that support naming should vote for a router to be 'Unnamed' if its given nickname is mapped to a different identity.

Valid

A router is 'Valid' if it is running a version of Tor not known to be broken, and the directory authority has not blacklisted it as suspicious.

V2Dir

A router supports the v2 directory protocol if it has an open directory port, and it is running a version of the directory protocol that supports the functionality clients need. (Currently, this is 0.1.1.9-alpha or later.)

ntfs.hard
Andrew Lott
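The 'Stable' rule and the weighted MTBF calculation quoted in the answer above, worked through as an added example (not code from the answer, the spec, or Tor itself). The decay factor `ALPHA`, the 12-hour decay step `STEP`, the zero result for an empty history, and all relay names and histories are assumptions made for illustration; only the first version of the excluded range is listed.

```python
from statistics import median

DAY = 86400
STEP = 12 * 3600   # assumed length of one decay step (not given on the page)
ALPHA = 0.95       # assumed decay factor per step (not given on the page)
# The quoted text excludes 0.1.1.10-alpha through 0.1.1.16-rc; only the first
# version of that range is listed here, a full check would cover the range.
DROPS_CIRCUITS = {"0.1.1.10-alpha"}

def weighted_mtbf(uptimes, now):
    """Weighted mean length of (start, end) uptime runs, weight ALPHA**n."""
    num = den = 0.0
    for start, end in uptimes:
        n = (now - end) / STEP        # time since the run ended, in steps
        w = ALPHA ** n
        num += w * (end - start)
        den += w
    return num / den if den else 0.0  # empty history treated as 0 (assumption)

def stable_relays(relays, now):
    """Names of relays meeting the quoted 'Stable' rule."""
    wmtbf = {name: weighted_mtbf(r["uptimes"], now)
             for name, r in relays.items() if r["active"]}
    if not wmtbf:
        return set()
    # "at least the median OR at least 7 days" is the lower of the two bars.
    cutoff = min(median(wmtbf.values()), 7 * DAY)
    return {name for name, value in wmtbf.items()
            if value >= cutoff
            and relays[name]["version"] not in DROPS_CIRCUITS}

def run(start_days_ago, end_days_ago, now):
    """One uptime run, given in days before `now` (sample-data helper)."""
    return (now - start_days_ago * DAY, now - end_days_ago * DAY)

NOW = 100 * DAY
V = "sample-version"  # placeholder, not a real Tor version
# Constructed sample relays: names, versions and histories are made up.
RELAYS = {
    "relayA": {"active": True, "version": V, "uptimes": [run(20, 0, NOW)]},
    "relayB": {"active": True, "version": V,   # restarts daily
               "uptimes": [run(d + 1, d, NOW) for d in range(5)]},
    "relayC": {"active": True, "version": V,   # old 30-day run has decayed
               "uptimes": [run(70, 40, NOW), run(2, 0, NOW)]},
    "relayD": {"active": True, "version": V, "uptimes": [run(5, 0, NOW)]},
    "relayE": {"active": False, "version": V, "uptimes": [run(30, 0, NOW)]},
    "relayG": {"active": True, "version": "0.1.1.10-alpha",
               "uptimes": [run(10, 0, NOW)]},
}
```

With this data relayD qualifies through the median branch despite being under 7 days, while relayC's 30-day run from 40 days ago barely counts, leaving it at about 2.5 days instead of the unweighted 16.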
0

Flags: dizum, faravahar, maatushka, danneberg, gabelmoo, longclaw ed c. Apologies for asking such a basic question but I'm having trouble finding a clear answer. I see a scattering of information from having a rummage around the 'net, but nothing that appears to describe how..?