[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: BOGUS AUTHORITY ALERT: interesting cached-status/1A0999C05AE2B9A3CF474077F06060E91B3A847 file



     On Tue, 1 Apr 2008 08:25:21 +0200 Peter Palfrader <peter@xxxxxxxxxxxxx>
wrote:
>On Mon, 31 Mar 2008, Scott Bennett wrote:
>
>> >Your client or cache probably got the bogus v2 networkstatus by going
>> >to one of the caches and asking for "all" v2 networkstatuses. The bogus
>> >ones will expire after a while.
>> >
>>      But is there currently a way that I can, w.r.t. my torrc, "learn" from
>> the experience?  I.e., is there a way I can tell it to *reject* any such bogus
>> networkstatus documents regarding that "authority" in the future?
>
>How will you know it's bogus?

     I choose not to accept it as valid until someone like you or Roger or
Nick announces it as a new authority on this list or the or-announce list.
>
>Calm down, all is fine.  Move on.
>
     I don't know why you think I'm not calm already.  In any case, why is
it fine that my tor server may be deliberately induced by an inappropriately
configured tor server elsewhere to give out bad networkstatus documents, even
if those networkstatus documents would be ignored by most/all other servers?
Even if it happens not to create a security breach, it still wastes bandwidth,
etc.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************