[tor-bugs] #12559 [Core Tor/Tor]: DirPort can't fetch router status entries by fingerprint
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 9 02:43:36 UTC 2016
#12559: DirPort can't fetch router status entries by fingerprint
--------------------------+----------------------------------
Reporter: atagar | Owner:
Type: enhancement | Status: new
Priority: Low | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+----------------------------------
Changes (by arma):
* severity: => Normal
Comment:
I agree with Nick that serving unsignd subsets of the consensus via the
dirport is a sketchy idea.
Something that's using the dirport for this feature could very easily end
up using it unsafely.
I would suggest that the better behavior for a program that wants to use
the dirport for this feature is to fetch the consensus and cache it
locally, and then when it wants to do a lookup, do an if-modified-since
dirport request for the consensus, and get and verify the signature and
cache a new version if there is one, and then use the chunk of the
consensus that it wanted to use.
Or is this external application going to want to do just one routerstatus
lookup?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12559#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list