[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #9854 [Tor]: Removing or not sanitizing ContactInfo lines in bridge descriptors
#9854: Removing or not sanitizing ContactInfo lines in bridge descriptors
-------------------------+------------------------------
Reporter: karsten | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor | Version:
Resolution: | Keywords: tor-bridge
Actual Points: | Parent ID:
Points: |
-------------------------+------------------------------
Comment (by karsten):
Replying to [comment:9 rransom]:
> Replying to [ticket:9854 karsten]:
>
> > 2. We decide this information is important and that we should have it
available more easily. We don't remove the `ContactInfo` line when we
sanitize bridge descriptors.
>
> I thought a bridge descriptor's `contact` line was removed for the same
reason that its nickname is redacted -- to prevent an attacker from
learning that the bridge may be ânearâ one or more relays.
There's this risk, yes. We decided for nicknames that finding bridges by
nickname is more important than the potential of losing a bridge because
it's located nearby a relay with similar nickname. #5684 has some parts
of that discussion, and I remember there was some discussion on tor-dev@.
But you're right. If we want to stop sanitizing contact lines, we need to
have a similar discussion on tor-dev@. The risk of finding bridges using
similar contacts might even be higher than for nicknames.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9854#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs