[tor-bugs] #5968 [Tor]: Improve onion key and TLS management
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Apr 10 01:59:17 UTC 2013
#5968: Improve onion key and TLS management
-------------------------+--------------------------------------------------
Reporter: mikeperry | Owner:
Type: enhancement | Status: new
Priority: major | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Keywords: tor-relay | Parent: #5456
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by mikeperry):
Replying to [comment:8 nickm]:
> (Incidentally, if the attacker steals the identity key but doesn't have
the right TLS cert, it will fail at MITMing any connection that uses
AUTHENTICATE cells from the client. So you can detect whether somebody's
doing this today by making connections to a bunch of servers from an IP
that isn't recognized as a server, and then trying to AUTHENTICATE to
them.)
I missed this comment initially, and I'm still a little confused here. Can
you explain how this would fail in more detail? Is the idea to test as a
relay for MTIM of your outgoing TLS connections?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5968#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list