[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #6790 [Tor Directory Authority]: Directory mirrors should accept, aggregate and hand off descriptors to dirauths

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #6790 [Tor Directory Authority]: Directory mirrors should accept, aggregate and hand off descriptors to dirauths
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 07 Sep 2012 19:58:59 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 07 Sep 2012 15:59:11 -0400
In-reply-to: <049.db86b371b5f23f75bb197136516af1d0@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.db86b371b5f23f75bb197136516af1d0@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#6790: Directory mirrors should accept, aggregate and hand off descriptors to
dirauths
-------------------------------------+--------------------------------------
 Reporter:  mikeperry                |          Owner:       
     Type:  enhancement              |         Status:  new  
 Priority:  normal                   |      Milestone:       
Component:  Tor Directory Authority  |        Version:       
 Keywords:                           |         Parent:  #2664
   Points:                           |   Actualpoints:       
-------------------------------------+--------------------------------------

Comment(by mikeperry):

 Other thoughts: The aggreation/de-dupping step should also include the
 usual orport tests done by the dirauths themselves, to reduce the burden
 on the dirauths.

 The other reason to prefer a push method is that we could simply re-use
 the dirauth code that accepts descriptors currently, but relax it to allow
 descriptors to come from any valid dir mirror currently listed in the
 consensus.

 If misbehaving dir mirrors begin participating in the DoS by submitting
 unreachable or otherwise bogus unverified descriptors, they could be added
 to the firewall or to de-listed in approved-routers in an ad-hoc fashion
 by the dirauth operator.

 It may also be the case that this would also allow misbehaving dir mirrors
 to induce a form of portscan bounce through the dirauths by spoofing
 descriptors, but the existing two-descriptor-per-IP limits should mitigate
 that, I think.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6790#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #6790 [Tor Directory Authority]: Directory mirrors should accept, aggregate and hand off descriptors to dirauths
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #2665 [Tor Directory Authority]: Create a dirauth DoS response procedure
Next by Author: Re: [tor-bugs] #6790 [Tor Directory Authority]: Directory mirrors should accept, aggregate and hand off descriptors to dirauths
Previous by thread: [tor-bugs] #6790 [Tor Directory Authority]: Directory mirrors should accept, aggregate and hand off descriptors to dirauths
Next by thread: Re: [tor-bugs] #6790 [Tor Directory Authority]: Directory mirrors should accept, aggregate and hand off descriptors to dirauths
Index(es):
- Author
- Thread