[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Proposal 300: Walking Onions: Scaling and Saving Bandwidth
Hi Nick,
Thanks for posting this initial draft. I enjoyed reading more of the details, after hearing about it last week.
On February 5, 2019 5:02:50 PM UTC, Nick Mathewson <nickm@xxxxxxxxxxxxxx> wrote:
>Filename: 300-walking-onions.txt
>Title: Walking Onions: Scaling and Saving Bandwidth
>Author: Nick Mathewson
>Created: 5-Feb-2019
>Status: Draft
>
>0. Status
>
> This proposal describes a mechanism called "Walking Onions" for
> scaling the Tor network and reducing the amount of client bandwidth
> used to maintain a client's view of the Tor network.
...
> 4. As part of verifying the handshake, the client verifies that the
> SNIP was signed by enough authorities, that its timestamp
> is recent enough, and that it actually corresponds to the
> random index that the client selected.
Let's make sure that we check the signature *first*, before parsing the rest of the document. (Maybe that's something we can specify when we write the detailed section 4.)
Tor's current directory parsing implementation parses the document, then checks the signature. This order makes some parsing bugs easier to trigger, because they don't require a valid set of authority signatures.
We could encourage implementers to check the signature first by putting it first in the document, or adding a signature offset field to the header. Or we could document this issue in a security considerations section, and hope all the implementers read it.
T
--
teor
----------------------------------------------------------------------
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev