[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #13171 [meek]: meek's reflector should forward the client's IP address/port to the bridge.

Subject: [tor-bugs] #13171 [meek]: meek's reflector should forward the client's IP address/port to the bridge.
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 16 Sep 2014 10:58:54 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 16 Sep 2014 06:59:03 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#13171: meek's reflector should forward the client's IP address/port to the bridge.
-------------------------+---------------------
 Reporter:  yawning      |          Owner:  dcf
     Type:  enhancement  |         Status:  new
 Priority:  normal       |      Milestone:
Component:  meek         |        Version:
 Keywords:               |  Actual Points:
Parent ID:               |         Points:
-------------------------+---------------------
 It would be nice to do this so the value passed to the ExtORPort was
 correct for better metrics.  A few ways this could be done, off the top of
 my head:
  * Set `X-Forwarded-For`.  The "standard" layout of this field doesn't
 include the port, but since it's unofficial, there's nothing stopping us
 from adding it.  This would require us to secure the link between the
 reflector and the meek-server instance separately, which means TLS.
  * Set a custom header (Eg: `Meek-Forwarded-For`), with a
 encrypted/encoded IP/Port pair.  Less overhead than bringing TLS into the
 picture.  I would use something like a Base64 encoded NaCl
 crypto_secretbox.  Key management here may be an issue, though it depends
 on who runs the bridge and reflector (The other method has cert management
 to deal with so this isn't a strict minus IMO).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13171>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #13171 [meek]: meek's reflector should forward the client's IP address/port to the bridge.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #13171 [meek]: meek's reflector should forward the client's IP address/port to the bridge.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #13171 [meek]: meek's reflector should forward the client's IP address/port to the bridge.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #13171 [meek]: meek's reflector should forward the client's IP address/port to the bridge.
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #5578 [Flashproxy]: Investigate WebRTC for flash proxy NAT punching
Next by Author: Re: [tor-bugs] #5578 [Flashproxy]: Investigate WebRTC for flash proxy NAT punching
Previous by thread: Re: [tor-bugs] #5578 [Flashproxy]: Investigate WebRTC for flash proxy NAT punching
Next by thread: Re: [tor-bugs] #13171 [meek]: meek's reflector should forward the client's IP address/port to the bridge.
Index(es):
- Author
- Thread