[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #28275 [Core Tor/Tor]: hs-v3: Rotate intro points and close RP circuits when removing client auth service side

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #28275 [Core Tor/Tor]: hs-v3: Rotate intro points and close RP circuits when removing client auth service side
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 05 Nov 2018 12:51:12 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 05 Nov 2018 07:51:22 -0500
In-reply-to: <047.09afb70f75cf343ace680e79f6dd04ab@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.09afb70f75cf343ace680e79f6dd04ab@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#28275: hs-v3: Rotate intro points and close RP circuits when removing client auth
service side
------------------------------+------------------------------------
 Reporter:  dgoulet           |          Owner:  (none)
     Type:  defect            |         Status:  new
 Priority:  Very High         |      Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor      |        Version:  Tor: 0.3.5.1-alpha
 Severity:  Normal            |     Resolution:
 Keywords:  security, tor-hs  |  Actual Points:
Parent ID:                    |         Points:
 Reviewer:                    |        Sponsor:
------------------------------+------------------------------------

Comment (by haxxpop):

 Replying to [comment:4 arma]:
 > one is whether the client can decrypt the descriptor (to learn the intro
 points), and the other is whether the client can prove that it's
 authorized in the INTRODUCE1 cell? I'm tempted to try to solve this one by
 defining "revoke" to focus on that second component. I also wish we had
 actual use cases for this client auth design, so we wouldn't be left
 trying to debate over what future hypothetical users would want the system
 to do.


 We previously had a discussion about that second component in the
 INTRODUCE1 cell. By that time, we decided to not implement it (and
 probably will never) because the only benefit of INTRODUCE1 authorization
 is to let the service know which client it is connected to and then the
 service can serve different services for different clients.

 But that can be implemented easily in the application layer and the
 feature is not related to anonymity (not related to Tor). So we thought we
 don't need to implement it at all.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28275#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #28275 [Core Tor/Tor]: hs-v3: Rotate intro points and close RP circuits when removing client auth service side
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #28424 [Core Tor/Tor]: Refactor hs_service_callback() to no longer need to run once per second?
Next by Author: Re: [tor-bugs] #25013 [Applications/Tor Browser]: Move TorButton code to the tor browser repository
Previous by thread: Re: [tor-bugs] #28275 [Core Tor/Tor]: hs-v3: Rotate intro points and close RP circuits when removing client auth service side
Next by thread: Re: [tor-bugs] #28275 [Core Tor/Tor]: hs-v3: Rotate intro points and close RP circuits when removing client auth service side
Index(es):
- Author
- Thread