[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #4271 [Torflow]: Perform some integrity checking in bw auth fetches

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #4271 [Torflow]: Perform some integrity checking in bw auth fetches
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Wed, 09 Nov 2011 22:39:36 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 09 Nov 2011 17:39:49 -0500
In-reply-to: <049.a14d42efc148f052bccd26f5c8f9920a@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.a14d42efc148f052bccd26f5c8f9920a@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4271: Perform some integrity checking in bw auth fetches
-----------------------+----------------------------------------------------
 Reporter:  mikeperry  |          Owner:  mikeperry
     Type:  defect     |         Status:  new      
 Priority:  normal     |      Milestone:           
Component:  Torflow    |        Version:           
 Keywords:             |         Parent:           
   Points:             |   Actualpoints:           
-----------------------+----------------------------------------------------

Comment(by mikeperry):

 The repo is fine for storing the certificates. Though you'll note in
 mikeperry/pid_control I added the ability to randomly choose one url from
 a list of URLs. We need to support multiple URLs for that.

 As for making noise.. Hrmm.. Let's do baby steps for that. Any incremental
 improvement on validation is good here, but we don't want to allow
 arbitrary SSL MITMs to break or otherwise delay the bw scan, and finding
 them is the exit authority's job.

 Therefore, I think "log a WARN in bwauthority_child, but fallback to
 unverified download" is the best option.

 We should make another ticket for figuring out how to make aggregate.py
 properly report all bw.log WARNs and ERRORs from all four child scanners.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4271#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #2019 [Torflow]: ExitAuthority: --help and better options handling
Next by Author: [tor-bugs] #4445 [Torflow]: Gather WARN and ERROR log lines from bwauth children in aggregate.py
Previous by thread: Re: [tor-bugs] #2019 [Torflow]: ExitAuthority: --help and better options handling
Next by thread: Re: [tor-bugs] #4271 [Torflow]: Perform some integrity checking in bw auth fetches
Index(es):
- Author
- Thread