[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21615 [Metrics/Atlas]: Use hashed fingerprint in all lookups



#21615: Use hashed fingerprint in all lookups
---------------------------+-----------------------------------
 Reporter:  cypherpunks    |          Owner:  irl
     Type:  enhancement    |         Status:  needs_information
 Priority:  Medium         |      Milestone:
Component:  Metrics/Atlas  |        Version:
 Severity:  Normal         |     Resolution:
 Keywords:                 |  Actual Points:
Parent ID:                 |         Points:
 Reviewer:                 |        Sponsor:
---------------------------+-----------------------------------

Comment (by karsten):

 I'm still not sure I understand the problem you're trying to solve.
 Whatever Onionoo tells you in a response you can safely include in a
 subsequent request without hashing.  It's the part about hashing user
 input that should be hashed before sending it to Onionoo, because you
 cannot be sure that the user did not tell you `B`.  But of course, if you
 want, you can hash everything you get from Onionoo.  It doesn't help but
 it also doesn't hurt.  But I may be overlooking the real issue here.
 Sorry that this is so confusing, but if it's any relief, it's confusing
 me, too. ;)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21615#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs