[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #6322 [- Select a component]: When we do DNSSEC

To: undisclosed-recipients:;
Subject: [tor-bugs] #6322 [- Select a component]: When we do DNSSEC
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 06 Jul 2012 14:08:40 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 06 Jul 2012 10:08:10 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#6322: When we do DNSSEC
----------------------------------+-----------------------------------------
 Reporter:  ioerror               |          Owner:  nickm
     Type:  enhancement           |         Status:  new  
 Priority:  normal                |      Milestone:       
Component:  - Select a component  |        Version:       
 Keywords:  dnssec                |         Parent:       
   Points:                        |   Actualpoints:       
----------------------------------+-----------------------------------------
 I think we should cross verify entries in the cache - if one exit or
 upstream somehow has the ability to forge a sig for an entry,
 torproject.org. (by owning us and taking our DNSSEC keys), we should do
 something smart.

 We will have to deal with updates to DNS records and also stolen keys that
 are able to properly sign a new DNS records.

 We'll also need to deal with GeoIP giving different answers to different
 exits, etc.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6322>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #6322 [Tor Client]: When we do DNSSEC, write a proposal for cross-verification (was: When we do DNSSEC)
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #6321 [Tor Client]: Write a proposal for unverified DNS caching
Next by Author: [tor-bugs] #6323 [Website]: Remove Polipo references from the website
Previous by thread: Re: [tor-bugs] #6321 [Tor Client]: Write a proposal for unverified DNS caching
Next by thread: Re: [tor-bugs] #6322 [Tor Client]: When we do DNSSEC, write a proposal for cross-verification (was: When we do DNSSEC)
Index(es):
- Author
- Thread