[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #12536 [BridgeDB]: BridgeDB e-mails should be encrypted when possible

Subject: Re: [tor-bugs] #12536 [BridgeDB]: BridgeDB e-mails should be encrypted when possible
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sun, 06 Jul 2014 15:38:22 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 06 Jul 2014 11:38:34 -0400
In-reply-to: <046.4e04d1b1fca13534f87f8c3980e5e04b@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.4e04d1b1fca13534f87f8c3980e5e04b@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#12536: BridgeDB e-mails should be encrypted when possible
--------------------------+--------------------------------------------
     Reporter:  andrea    |      Owner:  isis
         Type:  defect    |     Status:  closed
     Priority:  normal    |  Milestone:
    Component:  BridgeDB  |    Version:
   Resolution:  wontfix   |   Keywords:  bridgedb-email, bridgedb-2.0.x
Actual Points:            |  Parent ID:
       Points:            |
--------------------------+--------------------------------------------
Changes (by isis):

 * keywords:   => bridgedb-email, bridgedb-2.0.x
 * cc: isis, sysrqb (added)
 * status:  new => closed
 * resolution:   => wontfix


Comment:

 So... as much as I would love to offer this feature, it's not safe to have
 the server which has the BridgeDB databases on it parse arbitrary OpenPGP
 packets, due to the complication of the specification of those packets and
 the fact that no implementation of RFC4880 yet-to-date has followed the
 spec (they've all diverged from it in slightly different incompatible
 ways).

 For a different version of what you're asking for, see ticket #9332. This
 feature would not extend to general users, however. Perhaps if/when the
 email distributor runs on a separate machine, then we can safely consider
 implementing this feature. For now, I won't do it because it risks giving
 an adversary access to the entire bridge database.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12536#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #12536 [BridgeDB]: BridgeDB e-mails should be encrypted when possible
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #12537 [BridgeDB]: Perhaps BridgeDB should supply decoys
Next by Author: Re: [tor-bugs] #12536 [BridgeDB]: BridgeDB e-mails should be encrypted when possible
Previous by thread: Re: [tor-bugs] #12536 [BridgeDB]: BridgeDB e-mails should be encrypted when possible
Next by thread: Re: [tor-bugs] #12536 [BridgeDB]: BridgeDB e-mails should be encrypted when possible
Index(es):
- Author
- Thread