[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] "drop all vulnerable relays from the consensus"



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

"If someone publishes or demonstrates a code-exec exploit [...] we
should drop all vulnerable relays from the consensus" [1]

- - Does Tor provide Authority Directories with an easy way to reject/drop
relays from the consensus based on the platform string or is this only
possible based on FP or IP?

- - How will Directory Authorities determine if a relay is "vulnerable"?
(inspecting the platform string only)?

thanks,
tagnaq


[1] #2751


CVE-2011-0427
CVE-2010-1676
-----BEGIN PGP SIGNATURE-----

iF4EAREKAAYFAk3QOdUACgkQyM26BSNOM7bRhgD/VeeAefHnfTK+PzdBMOThwchd
w18WFpZDw3Y6BcMXY3ABALRzOc6gSYcBER5Zp5XVyq6h2ShpEdhovFZ0PgjWLocJ
=gSvm
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk