[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #1938 [Tor Client]: UpdateBridgesFromAuthority dangerous
#1938: UpdateBridgesFromAuthority dangerous
------------------------+---------------------------------------------------
Reporter: arma | Owner:
Type: task | Status: new
Priority: major | Milestone:
Component: Tor Client | Version:
Keywords: | Parent:
------------------------+---------------------------------------------------
Now that we've fixed #1138, it might be tempting to start distributing
identity fingerprints along with our bridge addresses again, so clients
can try the bridge authority for the descriptor.
In retrospect, though, the plan of "first go to the centralized place that
is easily associated with being a Tor bridge user, then if it's
unreachable go directly to the bridge for its descriptor" is unwise.
In practice we should go to our bridges directly for their descriptor, and
if we learn no descriptors, fail closed. Then, for the bridges that we've
configured but didn't get a descriptor for, we can ask the bridge
authority *via Tor* if it happens to know a newer descriptor for them.
We'll have an opportunity to make things more robust once we get going on
#1852.
In the mean time, we should continue to avoid putting fingerprints on
bridge addresses. (I believe Vidalia still sets UpdateBridgesFromAuthority
for you when you configure a bridge.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1938>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs