Rate limit RELAY_EARLY and TLS by IP

It is possible to execute an amplification attack on the Tor network and/or the directory authorities by launching many onionskin and tls attempts to each relay. These onion skins do not have to be valid, and can be replays: their only purpose would be to induce a relay to perform the PK step to attempt to decrypt them. Such an amplification attack can be used to consume all of the spare CPU of a relay.

One solution would be to rate limit RELAY_EARLY and TLS connections by IP address as opposed to by only circuit.

This ticket is meant as a place for the discussion for the creation of a proper Tor proposal for this behavior.