[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18938 [Core Tor/Tor]: Authorities should reject non-ASCII content in ExtraInfo descriptors

Subject: Re: [tor-bugs] #18938 [Core Tor/Tor]: Authorities should reject non-ASCII content in ExtraInfo descriptors
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sun, 01 May 2016 08:47:05 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 01 May 2016 04:47:14 -0400
In-reply-to: <044.0fa2f0a385a1f82aa0fc9a47a60ebc9f@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.0fa2f0a385a1f82aa0fc9a47a60ebc9f@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#18938: Authorities should reject non-ASCII content in ExtraInfo descriptors
------------------------------------------------+--------------------------
 Reporter:  teor                                |          Owner:
     Type:  defect                              |         Status:  new
 Priority:  Medium                              |      Milestone:  Tor:
Component:  Core Tor/Tor                        |  0.2.???
 Severity:  Normal                              |        Version:
 Keywords:  029-proposed, needs-proposal-maybe  |     Resolution:
Parent ID:  #18656                              |  Actual Points:
 Reviewer:                                      |         Points:  small
                                                |        Sponsor:
------------------------------------------------+--------------------------
Changes (by teor):

 * keywords:  029-proposed => 029-proposed, needs-proposal-maybe


Comment:

 Migrating the consensus version with this change could be interesting, I
 suggest we do the following:
 * if, at vote time, the current consensus version is >=
 MIN_VERSION_TO_EXCLUDE_NON_ASCII_DIR_DOCS, authorities exclude relays with
 descriptors containing non-ascii characters from their votes
 * to avoid a consensus split, authorities always accept uploaded
 descriptors, containing non-ascii characters, if they are uploaded from
 other authorities
 * authorities with this bugfix reject all uploaded documents, including
 descriptors and extra-info, containing non-ascii characters
   * this gives relay operators ample warning to modify their contact lines
 * relays also do this validation before upload

 Separately, perhaps in conjunction with prop224:
 * hidden service directories validate and reject (encrypted) hidden
 service descriptors containing non-ascii characters
 * clients validate and reject (decrypted) hidden service descriptors
 containing non-ascii characters
 * hidden services also do this validation before upload

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18938#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #18940 [- Select a component]: Danger : verifying digital certificate and fake response !
Next by Author: Re: [tor-bugs] #14881 [Core Tor/Tor]: incorrect defaults when producing bandwidth-weights line in directory footer
Previous by thread: Re: [tor-bugs] #18940 [- Select a component]: Danger : verifying digital certificate and fake response !
Next by thread: Re: [tor-bugs] #18938 [Core Tor/Tor]: Authorities should reject non-ASCII content in ExtraInfo descriptors
Index(es):
- Author
- Thread