Re: [tor-bugs] #2297 [Tor Client]: fetching certs for legacy keys?



#2297: fetching certs for legacy keys?
------------------------+---------------------------------------------------
 Reporter:  arma        |          Owner:                    
     Type:  defect      |         Status:  needs_review      
 Priority:  normal      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Client  |        Version:  Tor: unspecified  
 Keywords:              |         Parent:                    
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------
Changes (by nickm):

  * status:  needs_revision => needs_review


Comment:

 Examining again, this fix seems less than wholly related to the issue.
 The behavior of the fix is to *narrow* the circumstances under which we
 download and/or store certificates for authorities which we don't
 recognize.  Currently, we do this if we serve directory information, or if
 we are an exit.

 It's correct that if we're just an exit node, not a directory or a bridge,
 we don't need to fetch or store these certificates.  So in that respect
 the patch is correct.

 But it's not necessarily a patch for the original issue, I think.  Ian's
 issue was that his server was fetching these certs on _every_ startup, and
 he wondered, "Why are we continually missing them?"  And I don't see how
 this patch actually addresses that, unless there's some code someplace
 else that discards these certs as unwanted after getting them.

 Nonetheless I've ported this patch to master, and written what I think is
 an accurate changes message; it makes stuff better, whether it solves the
 issue Ian was seeing or not.  I'm not keen to merge it back to 0.2.2.x
 unless somebody sees some reason why the current behavior is actually
 causing trouble.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2297#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs