[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24964 [Core Tor/Tor]: dos: Block single hop client at the HSDir

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #24964 [Core Tor/Tor]: dos: Block single hop client at the HSDir
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 20 Jun 2019 14:12:40 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 20 Jun 2019 10:12:48 -0400
In-reply-to: <047.8abfd1e85635fc06670a35b5ede5339f@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.8abfd1e85635fc06670a35b5ede5339f@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#24964: dos: Block single hop client at the HSDir
--------------------------------------+------------------------------------
 Reporter:  dgoulet                   |          Owner:  dgoulet
     Type:  defect                    |         Status:  needs_review
 Priority:  Medium                    |      Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor              |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tor-dos, tor2web, tor-hs  |  Actual Points:  0.1
Parent ID:  #24962                    |         Points:  0.1
 Reviewer:                            |        Sponsor:  Sponsor27-must
--------------------------------------+------------------------------------
Changes (by dgoulet):

 * status:  needs_revision => needs_review


Comment:

 After discussion with teor on IRC, it appears the patch are good.

 Reason is that a single onion service will always 3-hop to the HSDir. Thus
 anything not authenticating on the directory connection channel means it
 is not a public relay.

 The goal of this is also to not allow C -> Bridge -> HSDir.

 > Maybe I missed it, but, is there something specific we're aiming to fix
 with this patch? Or is this just completeness from the earlier "stop
 allowing single-hop anything" changes?

 To answer your question Roger, completeness yes. Point is to close down
 any access to HS component in a single hop fashion to both remove load on
 the network but also stop very early any single hop clients instead of
 stopping them at the rendezvous point only.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24964#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #30886 [Core Tor/Chutney]: Add pluggable transport support to chutney's tools/test-network.sh
Next by Author: Re: [tor-bugs] #30565 [Applications/Tor Browser]: roll back to previous version of TBB - saved logins and tabs lost after tor browser bundle upgrade (8.5)
Previous by thread: Re: [tor-bugs] #24964 [Core Tor/Tor]: dos: Block single hop client at the HSDir
Next by thread: Re: [tor-bugs] #24964 [Core Tor/Tor]: dos: Block single hop client at the HSDir
Index(es):
- Author
- Thread