[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #19163 [Core Tor/Tor]: Make sure clients almost always use ntor (was: Maybe RSOS single-hop circuits should always have ntor)
#19163: Make sure clients almost always use ntor
---------------------------------------------+-----------------------------
Reporter: teor | Owner: teor
Type: defect | Status:
Priority: Medium | needs_review
Component: Core Tor/Tor | Milestone: Tor:
Severity: Normal | 0.2.9.x-final
Keywords: rsos, tor-hs, TorCoreTeam201607 | Version:
Parent ID: | Resolution:
Reviewer: | Actual Points: 5
| Points: 1.0
| Sponsor:
---------------------------------------------+-----------------------------
Description changed by teor:
Old description:
> isis asks in #1744:
> {{{
> // XXXprop#188 Why do we not care if it's ntor if it's only one hop?
> }}}
>
> I think it's because one-hop circuits were originally used only for
> directory fetches, which are authenticated by signature (and not
> private).
>
> But with RSOS, maybe we should require all one-hop paths to have ntor. I
> need to talk to a cryptographer about this.
>
> See the `populate_cpath` function for details.
New description:
Update:
All clients should use ntor for almost everything
The only exceptions are during the hidden service protocol. Client to
intro and hidden service to rendezvous should still be able to use TAP.
-----
isis asks in #1744:
{{{
// XXXprop#188 Why do we not care if it's ntor if it's only one hop?
}}}
I think it's because one-hop circuits were originally used only for
directory fetches, which are authenticated by signature (and not private).
But with RSOS, maybe we should require all one-hop paths to have ntor. I
need to talk to a cryptographer about this.
See the `populate_cpath` function for details.
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19163#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs