[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify

To: undisclosed-recipients:;
Subject: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 17 May 2011 05:38:24 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 17 May 2011 01:38:35 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#3207: limit more keys to the exponent we specify
-------------------------+--------------------------------------------------
 Reporter:  arma         |          Owner:                  
     Type:  enhancement  |         Status:  new             
 Priority:  normal       |      Milestone:  Tor: unspecified
Component:  Tor Relay    |        Version:                  
 Keywords:               |         Parent:                  
   Points:               |   Actualpoints:                  
-------------------------+--------------------------------------------------
 In 987190c2bc1 we started to require that certain keys have a public
 exponent 65537.

 In particular, it looks like we covered the onion (circuit handshake) key,
 the onion (handshake) key for intro circuits, and the intro point service
 key.

 A fellow on irc named 'signing_key' points out that we left out
 K_SIGNING_KEY. He noted that if we had enforced the exponent on that key
 in the past, CVE-2011-0427 might not have been so bad.

 He also points out that we left out the onion key in the microdescriptor.
 The authorities will refuse the normal descriptor, so it is implicitly
 filtered now, but if we want it to be filtered we should do it clearly.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3207>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
  - From: Tor Bug Tracker & Wiki

Prev by Author: [tor-bugs] #3206 [Tor Client]: Truck Rentals - How To Save Money On A Rental Moving Truck
Next by Author: Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
Previous by thread: [tor-bugs] #3206 [Tor Client]: Truck Rentals - How To Save Money On A Rental Moving Truck
Next by thread: Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify
Index(es):
- Author
- Thread