[tor-bugs] #6322 [- Select a component]: When we do DNSSEC
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Jul 6 14:08:40 UTC 2012
#6322: When we do DNSSEC
----------------------------------+-----------------------------------------
Reporter: ioerror | Owner: nickm
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: - Select a component | Version:
Keywords: dnssec | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
I think we should cross verify entries in the cache - if one exit or
upstream somehow has the ability to forge a sig for an entry,
torproject.org. (by owning us and taking our DNSSEC keys), we should do
something smart.
We will have to deal with updates to DNS records and also stolen keys that
are able to properly sign a new DNS records.
We'll also need to deal with GeoIP giving different answers to different
exits, etc.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6322>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list