[tor-bugs] #11464 [Tor]: Implement a client-side blacklist for authority certificate signing keys
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Apr 14 21:29:06 UTC 2014
#11464: Implement a client-side blacklist for authority certificate signing keys
-------------------------+-------------------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-client 024-backport
Actual Points: | 023-backport heartbleed
Points: | Parent ID:
-------------------------+-------------------------------------------------
Comment (by andrea):
I think this looks okay; my reading of
networkstatus_check_consensus_signature() is that if insufficiently many
good signatures exist, the client will reject the consensus and not
function? I presume these have already been rotated and we won't horribly
break any clients by merging this unless someone tries to use stolen
signing keys to do something nasty to them?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11464#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list