[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Version checking (was Re: 25 tbreg relays in directory)
- To: or-talk@xxxxxxxxxxxxx, Scott Bennett <bennett@xxxxxxxxxx>
- Subject: Re: Version checking (was Re: 25 tbreg relays in directory)
- From: Tripple Moon <tripple.moon@xxxxxxxxx>
- Date: Wed, 29 Apr 2009 03:13:52 -0700 (PDT)
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Wed, 29 Apr 2009 06:13:56 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1241000032; bh=qUNy3K0ZJ3o55y/NkeIzVeUY/MQu47/ZfUU2RVFWXgM=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=AIfDf7COrGAu5LvDSpNVVpmHLy36u7WSxPqGbDUHLo7i8Zkxus4RcYvJBwcwE9Yrmer5npezT/0Z917wUQG0PUi9BCgO3uPr/cw9XFcVypET+yTxtXow/97NVg95Q867tV/nkF3++li4q6zylwRB1MPuZxPPOu6bfRBhgloFq/k=
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=GY6ae4x8CoR8oOvW+FhwSAOvoCDJWHv5cOtKdaQQ+4WUs/nJeILqzDD/muizFFjGjNTvvA9B3cEfahbJGbJt00iqTftiXkcQ6SelnB0QpM7R7w0T4qEGYIK7lAyOGpxieYYtC+kAYeYyosTIe4IQfHP5U1dluFGUH/lPFsOnnbY=;
- In-reply-to: <200904281055.n3SAtfgR015124@xxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
first off, please only reply to the mailing-list address otherwise ppl like me are getting your messages double, just like you will get now...
--- On Tue, 4/28/09, Scott Bennett <bennett@xxxxxxxxxx> wrote:
[cut for clarity]
> Laying aside for the moment the matter of how the rest
> of the tor nodes
> should determine the trustworthiness/credibility of the tor
> instance making
> the announcement or even why the tor network, either as a
> "whole" or as
> individual nodes, should care about the integrity of a
> client (!), how to you
> propose to calculate a verification digest--a CRC would not
> likely be
> considered adequately reliable--based upon the executable
> binary of software
> a) comes in many successive version,
> b) can be compiled for many hardware architectures, not
> all of which
> are necessarily known to the developers,
> c) can be compiled for many operating systems, not all of
> which are
> necessarily known to the developers, and
> d) can be compiled by untold numbers of versions of many
> not all of which are necessarily known to the developers?
All of the above can be waifed void, when those versions are announced on the mailing list.
> >IMHO, this kind of "login procedure to enter the
> tor-network" will make it more secure and manageable.
> More secure and manageable for whom?? Big Brother?
> Obviously not for
> the supposedly anonymous tor user...jeesh.
Ofcourse not silly....
- More secure for the "anonymous tor user" because he will be forced to upgrade its client to stay connected to the tor-network, if (s)he doesn't upgrade his/her insecure client (s)he will be denied by other tor's to the network.
- More manageable for the tor development team, because they will know exactly which versions are being used by current users of the tor program.
> >Again, i have _no_ idea at present how the tor program
> handles things at present, so if its already done like that
> or even better just disregard what i wrote :D
> It doesn't, and it shouldn't.