seven bloxortsipt* relays ought *not* to be Valid
Jim McClanahan
jimmymac at copper.net
Thu Jul 30 07:20:11 UTC 2009
Scott Bennett wrote:
> a) are running an obsolete version of tor (0.1.2.19) under LINUX,
> which is far enough back to be a security problem due to the SSL
> key generation bug in LINUX,
If the key generation problem refers to what I think, and just for the
record, that was only a problem for Debian and Debian derived
distributions of Linux.
<snipped other reasons>
> That much, IMO, ought to justify removal of their Valid flags by the
> authorities. In the meantime, I have them all in my ExcludeNodes list, and
> I recommend that all relay operators concerned about security in tor do
> likewise.
My comment above should *not* be construed to mean I disagree with this
conclusion.
More information about the tor-talk
mailing list