[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 10 Apr 2013 01:59:17 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 09 Apr 2013 21:59:28 -0400
In-reply-to: <049.f47df7abd8ea940c858f8dd249532f19@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.f47df7abd8ea940c858f8dd249532f19@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#5968: Improve onion key and TLS management
-------------------------+--------------------------------------------------
 Reporter:  mikeperry    |          Owner:                    
     Type:  enhancement  |         Status:  new               
 Priority:  major        |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor          |        Version:                    
 Keywords:  tor-relay    |         Parent:  #5456             
   Points:               |   Actualpoints:                    
-------------------------+--------------------------------------------------

Comment(by mikeperry):

 Replying to [comment:8 nickm]:
 > (Incidentally, if the attacker steals the identity key but doesn't have
 the right TLS cert, it will fail at MITMing any connection that uses
 AUTHENTICATE cells from the client.  So you can detect whether somebody's
 doing this today by making connections to a bunch of servers from an IP
 that isn't recognized as a server, and then trying to AUTHENTICATE to
 them.)

 I missed this comment initially, and I'm still a little confused here. Can
 you explain how this would fail in more detail? Is the idea to test as a
 relay for MTIM of your outgoing TLS connections?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5968#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management
Next by Author: Re: [tor-bugs] #6009 [TorBrowserButton]: Implement a Tor controller as a browser extension
Previous by thread: Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management
Next by thread: [tor-bugs] #8674 [EFF-HTTPS Everywhere]: Installing HTTPS Everywhere + security.mixed_content.block_active_content breaks Youtube.com
Index(es):
- Author
- Thread