[tor-bugs] #16409 [Applications/Tor Browser]: Domain isolation: ports, toggle

Mon Jun 13 04:14:21 UTC 2016

#16409: Domain isolation: ports, toggle
--------------------------------------+--------------------------
 Reporter:  cypherpunks63             |          Owner:  tbb-team
     Type:  defect                    |         Status:  closed
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:  invalid
 Keywords:  tbb-usability-website     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------
Changes (by yawning):

 * status:  needs_review => closed
 * resolution:   => invalid

Comment:

 No, that won't fix it, because this has nothing to do with the domain
 isolator at all.  Tor Browser (and the the tor daemon in most standard
 configurations) does not explicitly isolate by port.  You can test this by
 going to `https://example.com` and `http://example.com` and seeing that
 the circuit is reused.

 In the reported case, a new circuit is being created because the current
 one can't be used to service the request, due to the "odd" choice of port
 not being in the circuit's Exit's Exit Policy (Eg: Port 182 is not in the
 Reduced Exit Policy so chances are circuits that work fine up to that
 point won't be able to service the request).

 Fixing this without breaking the notions of an Exit Policy and Exit
 Operator Agency would require the tor daemon to possess the power of
 precognition.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16409#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online