[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #3589 [Tor Bridge]: Advertise bridge pluggable transports using extra-info lines
#3589: Advertise bridge pluggable transports using extra-info lines
-------------------------+--------------------------------------------------
Reporter: asn | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor Bridge | Version:
Keywords: | Parent: #3591
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by asn):
Replying to [comment:8 nickm]:
> Replying to [comment:7 karsten]:
> > Oh, I hadn't thought of the client not knowing a bridge's extra-info
descriptor as a security property.
>
> I had.
>
> > Are we sure there's no way for a client to learn a bridge's extra-info
descriptor? (I didn't find one, but I may have missed something.)
>
> There shouldn't be; IIRC, the bridge authority deliberately doesn't
answer requests for extainfos, and bridges don't answer questions for
their own extrainfo.
>
> (We should double-check that, I guess)
Maybe it's this protection in `directory_handle_command_get()`:
{{{
if (!strcmpstart(url,"/tor/server/") ||
(!options->BridgeAuthoritativeDir &&
!options->BridgeRelay && !strcmpstart(url,"/tor/extra/"))) {
}}}
(Is this property of extra-info descriptors documented on the spec? I
didn't manage to find it.)
----
So, as I understand it, we like bridges writing their transports in their
extra-info descriptors. That leaves bridgedb responsible for managing the
transport information for each bridge.
I don't have strong opinions on the subject, and maybe taking the paranoid
route is the way to go.
----
As far as an implementation plan is concerned, we should first implement
the `method` lines in extra-info descriptors (as detailed by 180). Then we
should implement `DECLARE` and `method-info` lines, which allow bridges to
store method information in their router descriptors.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3589#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs