[tor-bugs] #19163 [Core Tor/Tor]: Maybe RSOS single-hop circuits should always have ntor
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 6 00:05:38 UTC 2016
#19163: Maybe RSOS single-hop circuits should always have ntor
---------------------------------------------+-----------------------------
Reporter: teor | Owner: teor
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
Component: Core Tor/Tor | 0.2.9.x-final
Severity: Normal | Version:
Keywords: rsos, tor-hs, TorCoreTeam201607 | Resolution:
Parent ID: | Actual Points:
Reviewer: | Points: 1.0
| Sponsor:
---------------------------------------------+-----------------------------
Changes (by teor):
* points: 0.5 => 1.0
* milestone: Tor: 0.2.??? => Tor: 0.2.9.x-final
Comment:
nickm: I think 029 for all of it, if there's time.
And:
* nickm: also authorities should reject all descriptors that include only
a TAP key. (unless they do already)
* never select a TAP-only router for any circuit
* make sure every extend actually uses ntor (note that the hidden service
protocol itself uses TAP, even if the circuits don't)
If we rebuild the fallback list for 0.2.9 in #18828, it will fix:
* we should make sure that fallbacks have ntor (in the fallback script)
because all recommended tor versions have ntor.
The are edge cases where relays lie about their version, or lie about
having an ntor key, or lie about supporting ntor, or never actually use
the ntor key. But we'll catch those with the circuit/extend checks.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19163#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list