[tor-bugs] #9729 [Tor]: Make bridges publish additional ORPort addresses in their descriptor
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Oct 22 21:40:06 UTC 2013
#9729: Make bridges publish additional ORPort addresses in their descriptor
----------------------------+----------------------------------------------
Reporter: sqrt2 | Owner:
Type: | Status: needs_information
enhancement | Milestone:
Priority: normal | Version: Tor: 0.2.5.1-alpha
Component: Tor | Keywords: ORPort bridge multiple addresses
Resolution: | Parent ID:
Actual Points: |
Points: |
----------------------------+----------------------------------------------
Comment (by sqrt2):
Contrary to what I wrote initially when I said Tor should publish
"descriptors for each address", I think that the OR should not be trusted
with deciding how exactly its addresses are going to be published, as not
to make it possible to corrupt BridgeDB in the sense that statistics would
show many bridges, but many of them are easily blocked as a group due to
"treacherous" descriptors. (An odd type of attack, admittedly.) I agree
that it is probably best if BridgeDB then treats each IP address as a
separate bridge when it comes to handing out bridge addresses.
Therefore, staying within the scope of this ticket, I think that Tor
should publish just one descriptor with additional "a" lines containing
both alternative IPv4 and IPv6 addresses. (I suppose for the BridgeDB side
it would then make sense to open a separate ticket against the BridgeDB
component?)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9729#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list