[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #12559 [Core Tor/Tor]: DirPort can't fetch router status entries by fingerprint

Subject: Re: [tor-bugs] #12559 [Core Tor/Tor]: DirPort can't fetch router status entries by fingerprint
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 09 Nov 2016 02:43:36 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 08 Nov 2016 21:43:46 -0500
In-reply-to: <046.a3194edda678eb6ce9168fd3f56f942a@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.a3194edda678eb6ce9168fd3f56f942a@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#12559: DirPort can't fetch router status entries by fingerprint
--------------------------+----------------------------------
 Reporter:  atagar        |          Owner:
     Type:  enhancement   |         Status:  new
 Priority:  Low           |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+----------------------------------
Changes (by arma):

 * severity:   => Normal


Comment:

 I agree with Nick that serving unsignd subsets of the consensus via the
 dirport is a sketchy idea.

 Something that's using the dirport for this feature could very easily end
 up using it unsafely.

 I would suggest that the better behavior for a program that wants to use
 the dirport for this feature is to fetch the consensus and cache it
 locally, and then when it wants to do a lookup, do an if-modified-since
 dirport request for the consensus, and get and verify the signature and
 cache a new version if there is one, and then use the chunk of the
 consensus that it wanted to use.

 Or is this external application going to want to do just one routerstatus
 lookup?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12559#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #20751 [Applications/TorBirdy]: enforce stronger ciphers in torbirdy
Next by Author: Re: [tor-bugs] #20564 [Metrics]: Add Jenkins configuration for running metrics-lib's unit tests and producing a .jar file
Previous by thread: Re: [tor-bugs] #13386 [Core Tor/Tor]: "opening new log file" line goes to err-logfile despite being at loglevel notice
Next by thread: Re: [tor-bugs] #12559 [Core Tor/Tor]: DirPort can't fetch router status entries by fingerprint
Index(es):
- Author
- Thread