[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 10 Apr 2013 00:21:47 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 09 Apr 2013 20:21:56 -0400
In-reply-to: <049.f47df7abd8ea940c858f8dd249532f19@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.f47df7abd8ea940c858f8dd249532f19@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#5968: Improve onion key and TLS management
-------------------------+--------------------------------------------------
 Reporter:  mikeperry    |          Owner:                    
     Type:  enhancement  |         Status:  new               
 Priority:  major        |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor          |        Version:                    
 Keywords:  tor-relay    |         Parent:  #5456             
   Points:               |   Actualpoints:                    
-------------------------+--------------------------------------------------

Comment(by nickm):

 (Incidentally, if the attacker steals the identity key but doesn't have
 the right TLS cert, it will fail at MITMing any connection that uses
 AUTHENTICATE cells from the client.  So you can detect whether somebody's
 doing this today by making connections to a bunch of servers from an IP
 that isn't recognized as a server, and then trying to AUTHENTICATE to
 them.)

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5968#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management
Next by Author: Re: [tor-bugs] #8470 [Firefox Patch Issues]: Request randomization a lot less random in FF17
Previous by thread: Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management
Next by thread: Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management
Index(es):
- Author
- Thread