Re: BOGUS AUTHORITY ALERT: interesting cached-status/1A0999C05AE2B9A3CF474077F06060E91B3A847 file

[Roger Dingledine <arma@xxxxxxx>]

On Mon, Mar 31, 2008 at 07:56:29PM -0500, Scott Bennett wrote:
>      It has now been several hours since I posted a message about an impostor
> authority.  Having received no response thus far from the list, I am reposting
> the message below with a stronger Subject: line.

Calm down. Your Tor client doesn't care if other people claim to be
authorities. The authorities that you trust are hard-coded in config.c,
or they're in your torrc if you specify new DirServer lines (which
you shouldn't).

Your directory mirror will collect other v2 directory networkstatus
documents just in case other clients trust them as authorities and want
a copy. (For example, if we added a new authority to the list, but you
hadn't upgraded yet, it would be handy for your cache to cache the new
stuff too.)

>  I'd also like to make the
> additional comment that I would very much like to see a torrc line available,
> similar to ExcludeNodes, that would allow individual tor operators to ignore
> specific directory servers when those operators decide there is a problem with
> those servers.  For example, "ExcludeAuthorities" would refuse to accept status
> or consensus documents from the listed servers.  "ExcludeDirectoryNodes" would
> refuse to contact the DirPort of each listed server.

Your client or cache probably got the bogus v2 networkstatus by going
to one of the caches and asking for "all" v2 networkstatuses. The bogus
ones will expire after a while.

--Roger