[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #4773 [Tor Bridge]: Implement Extended OR port (part of proposal 180)
#4773: Implement Extended OR port (part of proposal 180)
------------------------+---------------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor Bridge | Version:
Keywords: | Parent: #5408
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by asn):
Replying to [comment:15 arma]:
> I haven't been following this discussion or the proposal, but
> - I'd say there's no need yet to handle the case where the bridge is on
a different machine than the obfsproxy.
> - If we do in fact have a sensitive TCP connection where we bind to
localhost and think of that as our authentication mechanism, that's bad.
Yes, I'm not sure what is the best thing to do here. We are basically
opening ourselves to another round of
http://www.remote.org/jochen/sec/hfpa/index.html.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4773#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs