[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Proposal: Check Maxmind GeoIP DB before distributing
- To: tor-dev@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-dev] Proposal: Check Maxmind GeoIP DB before distributing
- From: Iain Learmonth <irl@xxxxxxxxxxxxxx>
- Date: Sun, 1 Jul 2018 15:54:11 +0100
- Autocrypt: addr=irl@xxxxxxxxxxxxxx; prefer-encrypt=mutual; keydata= xsFNBFZp8zEBEACxOYriD+tEuc3Wpnbh+GGnyiaLEMABBrfn6JlDQphbBq/YTz9M9OPkttjx hLL/yrxlM1nD69XbGKQ9gIL3LEgOz9+OdivPbN+Q5iNMqk/WCQUqd3bCFbbsn1yvoTumFy9S 9kYX45Db3jRJoN/Nye6Stf7KKPxHxot14iY+PUR/5Gx5KbeWVKfDtQejGnhxQD73KjrX4wds BAaxnQ7KbjQyUf+IxE+8qSDcyTP+pPqxspVzx+eFqsW5+kK1eJMHxJmY/KsAs6IsGf5lvyDJ JECc2iE0mFS6vc14lGcD7BAYMPRnvlK3OcDlbdJS3ZU0LQu3/AplM7cNcesq2Btm06OUTsbj 10ZiyLi7Q0WZRuUbn7t3jOQVyOlNfjUpJhKPMMobBL2R0KzcptJbUrKc08wZD/TPaXuHKWAE JuA6kFMXtHhV8Qhxz5/d2KUA8ex+zpVd2xSR6q4llcYu1w8zHZtLN+YKSmjjKs+AjiTrCMYs OYxt4cwxuaIIhBNvCC9WqZOxHX7YHmpVcSV6K9Wwhk9mVIU3Ii0G2HWs6OQ0vIueCDGMEdVk ig/a7cVlfXNz7WuaXuhOJmHz6d6Yk4dFn5mLbEY9cZhBxf5hjCwtp9b6v+ueuptfcnOd+38G 9KH6NyHKZyS4jcd3E6Dp0+9Isbl/EohjPCujevoW3/DlT08OKQARAQABzSBJYWluIFIuIExl YXJtb250aCA8aXJsQGZzZmUub3JnPsLBlwQTAQoAQQIbAwULCQgHAwUVCgkICwUWAgMBAAIe AQIXgAIZARYhBKj3ulBB4TMznLoWlnbVgJP1QKvNBQJaa1esBQkF4pf7AAoJEHbVgJP1QKvN BB8P/0iaI8JPpEYyrHnGn5fYrvfDA5QRABOvnk50mK+RsgDLlmh3/4VKVmS4nW+TyfSJ1pkm V+4EU0wM8lJ5fbnteFTqxg2are+RtBfCrpoMY1jRC1nvuxsIKGcy7KOActbKfBDpVm3fB+Hl RDmQgJY1gK0NDiir3YVoCoKtaI5H/TJa4SEXrDg3qcgKoU0Z1irj250o7B0GhcM4MynpwC3S aPtMjerAkbfVhbvp1MGogJoBEroULwzfVNNpBFHFwYWQLgyQc8bLaa6OncuMZDkWQHoUeEiP HBBiIGDujStBFL6+HUg3yiVpT32P0ZfnoSClaGnq8skWAnJtBKc9mww7kfa4hDQol/Hjcm5r ykdXm+SK53QdCxaMC3alHVOdkDekNfoziTfiNE56LqBidWrUG5XSL/9lJZMTm023ToTzejn+ KtiDdRZok80mcJ79quJFPj+L4JUjE3NdgBMdSWnGi9Qgqw7rn6LjOhF4AiyT+2kLwnomGDHf H8Yty+B3gs/BiVVpdRXE2SuoI/xK6Vjq4s3+q0Bl3Zt0sa2s9nsl1kToYkKabYHatERgHWEB VJ357glcnAb5LaX7wGfzPq5tFvKw3u1SFAbRwyV6dUir6B8mfBBDk/IKeSXLc84gEexmPRgP 295wHHaDdbEDhXdlm6gtnVPUX1hQgFR/33/YGp1ZzsFNBFprf6sBEADOANf22so7uoGcvok2 TM/T8BHI5+TqHEc4hVe+JGGJ1ZnWlgtGmpOs0fOQj3WAgGI0ZmTqMuozKF/K9ljbjaMXsLD+ JIBTD4rINy60VX2zHhmWhNaOcJvq+wbuHx0tMbhqsTStGnSkvRhH61ncMqVqlTTTLVQQSxKl 9D2l7ZGwEPLHRFlydTOOix+F+Y1ehxYLVaPkaycs8wvgjYsDLo3T8TmuOL+rcEfvxJ6lT2V5 I51xqievqoBazAfXvA8FW/0G+Z9LUJmViOVluWg3xjP8okKYgOkOeX00vMBCVaiEA08oaxY0 ebS7uBEgppjWSwn+WAhB+6spd67d4W+DmAnM262lxFMhVYhXpfeV9zygULQOofdE6xtFkaxr /y8xQ4Bf7zX8ko6X9aFQFB/vc+zUtjzjg4VaQvWrThjaHlbEKR55MDxJu2T9S7g5bR4zxZNv 36gwlIdmx33a1AeR1nGcWa/7OtoS53+lUwyFVWLOnucqKh71Y38AAMd5L9Fsb+ArQem71knE UTC+HvBGkPb2Y2PzGnnzhZyC8zgE8AjVD0wB+RMDNI3+fIW6biKAHDqrS6ZCVkzJ1R9nOjXM HRYZ5qlG+rCOeu6Jp4yNwp46z4PqiiLJ9NtmdNttLCEn5PDVF3g9g811JcadvFVH1ZELoDGW Mg3Q+QOHQBFYj7cj2QARAQABwsF8BBgBCgAmFiEEqPe6UEHhMzOcuhaWdtWAk/VAq80FAlpr f6sCGwwFCQHhM4AACgkQdtWAk/VAq80LwA//djg9GBhL2YYN57h/dso0V+hvNEFtCCS1sCBD Y5bHWxBMJDc77gY7Uxzf6au9SRj/tQGhqehFc1yTK5/z+FmS8qor/q3DINdRTG6h616RBhug YJkYQPYFoGqH6OwZZ+u4wtAJF9kQyngB97eC13xvrtb8pv3T2ZbMyiYSQgB6odJgSjq+MdxF W4lNdXihLCMbhvlapKwkItE/XZT8YBZW6gyZiCalSjkNITdirjch2twZDiYQIHCmeU4JrLLR gmeWGhfwZSEfq2Kd9WIK2KtTaONYVu7UrLD5WKAx8XX6vjPMyEtylQplyn0j3s5J09vzhfTY QirB4OseU1TQ5StWu4CgVauTRLjz+rm5rHGqZ5wcNdbiLyL7GIva4EvqTqRTiGzqiE/gkdmx +Lf0BKH8m4dVszNMdKjd6eBMnZQg7imjb2zk4UI9LAKSg5BKOXW3+NyiSAjvj7DA06XJ1Y3d b1+KiFDO7EM1729F4CgJk0DKbM4HAq6H1YVbCKk1X3GuWQJzNqYOwnywb5igYymMic2ixM5D MVaSLnWUEaLkW8enGj5wonz3IBtHa8B5tu6MJ87cRiSFbn5eupB7LxJu5SLcFbphvkuSR5oP F4Zy0Fzxq0XOZUs1Do/EZCWYZZl8cIRP/JcsE0N2HQixAVRoBAs5MkMw1+NaiVgrd0v6/ik=
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Sun, 01 Jul 2018 10:54:29 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=V5lqwVejXhBTjY3MLozgzGm7GRv9g C8kLyxuLR4dedY=; b=wQ7uRvW4X3pBtvlXAnmUBKFqlazJkcT1SS+OM/bbM2hSS 3nY9xDHbgbHgQlZgdrLn9e1+jTew0IbB/65VDJAOvafeK0cpqcLZjK57wHyLlJaW wKJKGTIHb7sNbovDnQmVHznd6Pr1Kc8btV671wYJIOivxsp9h6oqzzbkXGMJTd0I +Du/j3dkf6btMsxOnixTNP+vp/bXoWXjkfl/CLItyPo3WmV9mwFw0r303lSF+kFA l+8YR4zP0zfrF1Rz86wV9Qbw/qAwogTvLhepRaa6053FvcBN8wz6wSSOdlwdkHZ/ NcBkqN+EV/4Xzg95urGSevQSV/6Vszvv5Xef9y2Vw==
- In-reply-to: <c84f2f57-1d6b-0d15-cdb2-ebab3b67b8b2@gmail.com>
- List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
- List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
- List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
- List-post: <mailto:tor-dev@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
- Openpgp: preference=signencrypt
- Organization: Tor Project
- References: <c84f2f57-1d6b-0d15-cdb2-ebab3b67b8b2@gmail.com>
- Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
Hi,
On 30/06/18 12:53, Jaskaran Singh wrote:
> 0. Motivation and Overview
> We're using Maxmind's (company registered in the US) GeoIP Database,
> which is not just antithetical to the philosophy that one should not
> totally rely on a service/software for all needs, but has some serious
> security repercussions too.
I would love to see a full list of all the places we currently use this
database and what security consequences could be.
Relevant tickets to this discussion that you may want to read have the
keyword "metrics-geoip" in trac.
Also, you may be interested in karsten's comment on #22203 where we talk
about downloading signed GeoIP files from the dirauths instead of
shipping them in the distribution.
Thanks,
Iain.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev