[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5608 [Metrics Data Processor]: Order of sanitizing bridge descriptor tarballs matters even though it shouldn't
#5608: Order of sanitizing bridge descriptor tarballs matters even though it
shouldn't
------------------------------------+---------------------------------------
Reporter: karsten | Owner: karsten
Type: defect | Status: new
Priority: normal | Milestone:
Component: Metrics Data Processor | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------------------+---------------------------------------
Comment(by karsten):
Solved, I think.
We don't have to calculate descriptor identifiers based on descriptor
contents, but we can simply use the SHA1 of the non-scrubbed descriptor
identifier as identifier in the scrubbed descriptors.
[https://lists.torproject.org/pipermail/tor-dev/2012-May/003557.html This
tor-dev posting] contains an example.
I briefly thought about security implications of writing the SHA1 of a
descriptor digest into a modified version of that descriptor. But we're
modifying enough of that descriptor to prevent people from guessing what
the original descriptor was. For example, we always replace the bridge
fingerprint with its SHA1.
The patch is [https://gitweb.torproject.org/karsten/metrics-
db.git/commitdiff/0d521ad here]. As one can see, this change reduces
complexity of the bridge descriptor sanitizer a lot!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5608#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs