[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: possible security hole(unsure)(really minor)

On Sat, Apr 15, 2006 at 10:11:28PM -0400, Watson Ladd wrote:
> I think a lot of people are using an out-of-date or incomplete spec.
> is there a site with all the specs?

http://tor.eff.org/documentation#DesignDoc points to the ones that exist.

It is becoming increasingly clear that we should write a spec for "how
Tor chooses paths". This is not necessary to build a compatible Tor,
but it is necessary to understanding what security we're getting, and
to understanding what should change.

I plan to get to this sometime in late 2006 at this point. I would
welcome some help (in fact, it's often better when somebody who didn't
write the code specifies what it appears to be doing -- this uncovers
a lot of problems). Thumbing through circuitbuild.c is a good first step.