[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #30382 [Core Tor/Tor]: Provide control port event for when we are missing v3 client auth for an onion



#30382: Provide control port event for when we are missing v3 client auth for an
onion
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  dgoulet
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.2.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs, tbb-usability, hs-auth,      |  Actual Points:
  network-team-roadmap-2019-Q1Q2, tor-spec       |
Parent ID:  #14389                               |         Points:  6
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor27-must
-------------------------------------------------+-------------------------

Comment (by mcs):

 Replying to [comment:11 dgoulet]:
 > In my torspec repo: https://git.torproject.org/user/dgoulet/torspec.git
 >
 > Branch: `ticket30382_01`
 >
 > I think there are too many codes there for what we need here but I
 wanted to at least get the basic errors implemented as well. The last two
 are the one TB needs for this.

 Kathy and I think the proposal looks good. Just a couple of comments:
 - I had trouble understanding the note near the beginning. Maybe reword
 to: "When Tor Browser supports HTTPCONNECT, we plan to stop using these
 SOCKS5 extensions."
 - Regarding compatibility, it seems like it would be safer for tor to not
 emit these new error codes unless enabled via a config option (maybe a
 SocksPort flag). Otherwise, non Tor Browser clients that use the SocksPort
 may be unhappy. Or maybe enable by default but provide an "escape hatch"
 that allows them to be disabled somehow.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30382#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs