[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3589 [Tor Bridge]: Advertise bridge pluggable transports using extra-info lines

#3589: Advertise bridge pluggable transports using extra-info lines
-------------------------+--------------------------------------------------
 Reporter:  asn          |          Owner:                    
     Type:  enhancement  |         Status:  new               
 Priority:  normal       |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor Bridge   |        Version:                    
 Keywords:               |         Parent:  #3591             
   Points:               |   Actualpoints:                    
-------------------------+--------------------------------------------------

Comment(by asn):

 Replying to [comment:8 nickm]:
 > Replying to [comment:7 karsten]:
 > > Oh, I hadn't thought of the client not knowing a bridge's extra-info
 descriptor as a security property.
 >
 > I had.
 >
 > > Are we sure there's no way for a client to learn a bridge's extra-info
 descriptor?  (I didn't find one, but I may have missed something.)
 >
 > There shouldn't be; IIRC, the bridge authority deliberately doesn't
 answer requests for extainfos, and bridges don't answer questions for
 their own extrainfo.
 >
 > (We should double-check that, I guess)

 Maybe it's this protection in `directory_handle_command_get()`:
 {{{
   if (!strcmpstart(url,"/tor/server/") ||
       (!options->BridgeAuthoritativeDir &&
        !options->BridgeRelay && !strcmpstart(url,"/tor/extra/"))) {
 }}}

 (Is this property of extra-info descriptors documented on the spec? I
 didn't manage to find it.)


 ----

 So, as I understand it, we like bridges writing their transports in their
 extra-info descriptors. That leaves bridgedb responsible for managing the
 transport information for each bridge.

 I don't have strong opinions on the subject, and maybe taking the paranoid
 route is the way to go.

 ----

 As far as an implementation plan is concerned, we should first implement
 the `method` lines in extra-info descriptors (as detailed by 180). Then we
 should implement `DECLARE` and `method-info` lines, which allow bridges to
 store method information in their router descriptors.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3589#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs