[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3038 [Tor Directory Authority]: Update dir-spec.txt with microdesc, consensus-flavor info



#3038: Update dir-spec.txt with microdesc, consensus-flavor info
-------------------------------------+--------------------------------------
 Reporter:  nickm                    |          Owner:  nickm             
     Type:  defect                   |         Status:  needs_revision    
 Priority:  major                    |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Directory Authority  |        Version:                    
 Keywords:                           |         Parent:  #4933             
   Points:                           |   Actualpoints:                    
-------------------------------------+--------------------------------------

Comment(by karsten):

 Replying to [comment:10 rransom]:
 > >        [Should we mention that clients don't learn identity keys
 anymore
 > >        with this approach?  Clients only need identity keys for their
 > >        entry guards, and in that case they learn the identity key from
 > >        the TLS handshake.  But clients couldn't check identity keys of
 > >        non-entry nodes with the microdescriptor approach anymore, even
 if
 > >        they wanted. -KL]
 >
 > The microdesc consensus still contains every relay's identity key
 fingerprint, which (with Tor's current link protocols) is enough for a
 client or relay to verify that it is opening an OR connection to the right
 destination relay.
 >
 > Clients have never been able to check the identity keys of relays which
 they do not connect to directly; that's why Tor uses âonion keysâ to
 authenticate relays in its circuit-extension handshake protocol.

 Nick said above that he wants to "add something to talk about the security
 model here."  Please feel free to write something there and remove my
 comment.  Or just delete my comment if it doesn't make sense.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3038#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs