[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #8979 [pyobfsproxy]: obfsproxy: Use server-side transport parameters
#8979: obfsproxy: Use server-side transport parameters
-------------------------+--------------------------------------------------
Reporter: asn | Owner: asn
Type: task | Status: new
Priority: normal | Milestone:
Component: pyobfsproxy | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by phw):
asn and I just discussed this in #tor-dev. In principle, there are two
options:
1. We can just blindly pass all transport parameters to BridgeDB. This
would be the easiest solution. If pluggable transports expect "secret"
information which BridgeDB should not know (such as directory paths), then
the transports could provide a dedicated config file rather than let this
information pass through Tor/pyptlib/obfsproxy. Note that right now we
don't have a transport which wants secret information.
1. Instead of blindly forwarding parameters to BridgeDB, we could
sanitize them first and remove "secret" parameters. There are two ways how
this could be done:
1. pyptlib could forward the parameters to the pluggable transport
which then tells pyptlib which parameters are safe to publish. This would
probably require nontrivial changes to pyptlib/obfsproxy.
1. The "Bridge" line in the torrc could somehow encode which parameters
are safe to publish and which are not. This would requiring changing
[https://trac.torproject.org/projects/tor/ticket/8929 #8929] but could be
easier to implement than the first option.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8979#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs