Re: [tor-bugs] #20831 [Core Tor/Tor]: Support existing guard torrc options better with new guard code, or deprecate them.
#20831: Support existing guard torrc options better with new guard code, or
deprecate them.
-------------------------------------------------+-------------------------
Reporter: nickm                                  | Owner: nickm
Type: defect                                     | Status: needs_review
Priority: High                                   | Milestone: Tor: 0.3.0.x-final
Component: Core Tor/Tor                          | Version:
Severity: Normal                                 | Resolution:
Keywords: tor-guard regression TorCoreTeam201612 | Actual Points: .2
Parent ID: #20822                                | Points: 2
Reviewer:                                        | Sponsor:
-------------------------------------------------+-------------------------
Comment (by nickm):
> I'm not 100% persuaded that NumDirectoryGuards==3 actually offers much
> security, if the top primary guard is malicious. I remember the argument
> about malicious directory guards refusing to serve relay descriptors, but
> I kinda feel that we are screwed anyway if the top primary guard is evil
> since all circuits are going to go through it anyhow.

Right. My rationale here was more strongly influenced by one of the
comments on #20909 or its kin about how having 3 directory guards
prevented #20499 from causing major chaos on the network.

> Also, the patch only supports multiple entry guards when it comes to
> primary guards, and does not try to generalize the logic to the other
> guard picking cases.

The choice that multiple entry guards only applies to primary guards was
intentional, since if we're ever prevented from using all our primary
guards, we want to be cautious about using more guards.

> A spec patch is definitely useful for this.

Can do, once we decide we should do something like this.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20831#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online