[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #17025 [BridgeDB]: use private messaging functions on websites that will not get blocked to deliver bridges
#17025: use private messaging functions on websites that will not get blocked to
deliver bridges
-----------------------------+------------------
Reporter: elypter | Owner: isis
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: BridgeDB | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+------------------
Comment (by kernelcorn):
No, this still works because public keys are distributed through back-
channels, so MITM in this case isn't possible. I don't think the attack
works as you describe. The attacker simply doesn't have the private keys
and all clients verify the keys when setting up their Tor circuits.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17025#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs