[tor-bugs] #2681 [Tor]: brainstorm ways to let Tor clients use yesterday's consensus more safely
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Oct 15 19:55:45 UTC 2012
#2681: brainstorm ways to let Tor clients use yesterday's consensus more safely
--------------------------------------------------------------------------------+
Reporter: arma | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor | Version:
Keywords: dirauth-dos-resistance proposal-needed MikePerry201210d tor-client | Parent: #2664
Points: | Actualpoints:
--------------------------------------------------------------------------------+
Comment(by mikeperry):
Ok, which of the two would you prefer? If we're just changing the constant
to 3-5 days, I think that proposal is "done" (modulo choosing the
freshness duration. I picked 5 days, but 3 is also better than 24 hours).
If we're talking about creating mechanisms to verify consensus material is
not targeted and is actually as current as it possibly can be, then we'd
need a different (and substantially more complicated) proposal probably
involving #572 in combination with some kind of query for the latest
consensus creation time and ideally also some kind of "What's your latest
consensus's hash" query.
I would like to write that second proposal, because I think it's a neat
idea and helps address some other more serious route capture attacks
involving dirauth key compromise, but I also probably can't get it done
this week, nor will it be as straight-forward as just changing these
defines to be a bit more relaxed.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2681#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list