On Tue, Apr 22, 2014 at 11:10:27 -0400, Ian Goldberg wrote:
The proposal (140) doesn't appear to discuss the client fingerprintability aspect of this: they reveal the last time they used Tor (if recentish). Say you're a mobile client that gets a dynamic IP address. With this, you reveal that you probably aren't or maybe are the same person that was last seen over there at that particular time.
What are the implications here?
As far as I understand, Tor clients fetch the consensus documents from a random authority at first, and then from caches at somewhat random times - reading from [0] at section 5.1.
Since it starts using caches and building circuits after fetching the first consensus from an authority, I don't see how anyone could identify a client.
Sure, a cache will know for how long has a client been disconnecten when it asks for a diff starting at e.g. yesterday. But was it that same cache who gave it the previous diff? Or are you talking about regular traffic too?
I might have not understood you well - if that's the case, please explain with a bit more of detail.
Anyway, downloading the entire consensus file from either an authority or a cache will always be possible, if that's what you are concerned about. But we want diffs to be usable in a secure manner just like entire consensuses are.
[0] https://gitweb.torproject.org/torspec.git/blob/refs/heads/master:/dir-spec.t...