[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #26158 [Core Tor/Tor]: A little bug of circular path of Tor
#26158: A little bug of circular path of Tor
-------------------------------------------------+-------------------------
Reporter: TBD.Chen | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| 0.3.4.x-final
Component: Core Tor/Tor | Version: Tor:
| 0.3.0.1-alpha
Severity: Normal | Resolution:
Keywords: circular-path, security-low, | Actual Points:
031-backport, 032-backport, 033-backport, |
034-backport |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by teor):
* keywords: circular-path =>
circular-path, security-low, 031-backport, 032-backport, 033-backport,
034-backport
* version: Tor: 0.3.2.10 => Tor: 0.3.0.1-alpha
* milestone: Tor: 0.3.2.x-final => Tor: 0.3.4.x-final
Comment:
Thanks for reporting this issue!
This is a bug in commit c837786 in 0.3.0.1-alpha.
I've marked it as security-low, because since commit 592a439 in
0.2.7.2-alpha, directory authorities pin relay ed25519 keys to RSA keys.
This means that a relay in the consensus can't pass the RSA check, but
fail the ed25519 check.
(A client can't loop between two bridges using different keys, because RSA
IDs are mandatory. When we stop making RSA IDs mandatory, we'll need to
think carefully about this issue, and multiple ORPorts as well.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26158#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs