[tor-bugs] #3501 [Tor Client]: Teach Tor to run the Control Port over TLS

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed Jun 29 14:20:22 UTC 2011


#3501: Teach Tor to run the Control Port over TLS
------------------------+---------------------------------------------------
 Reporter:  ioerror     |          Owner:     
     Type:  task        |         Status:  new
 Priority:  normal      |      Milestone:     
Component:  Tor Client  |        Version:     
 Keywords:  torouter    |         Parent:     
   Points:              |   Actualpoints:     
------------------------+---------------------------------------------------
 I've been discussing how we can use Vidalia with chiiph as a Tor
 controller over a network - this would be useful for the Torouter for
 example.

 I think that a TOFU (Trust On First Use) model is probably best and that
 would mean we'd simply need a Tor Control Port that uses a static TLS
 cert/key combo. I guess we could do a bare key or we could do the full
 x509 nightmare. I don't really have a preference.

 This would allow us to control Tor safely as the control port data
 exported by Vidalia doesn't seem safe to expose to an attacker.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3501>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list