[tor-bugs] #9854 [Tor]: Removing or not sanitizing ContactInfo lines in bridge descriptors

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Sep 30 14:24:44 UTC 2013 

#9854: Removing or not sanitizing ContactInfo lines in bridge descriptors
------------------------+----------------------------------
 Reporter:  karsten     |          Owner:
     Type:  defect      |         Status:  new
 Priority:  normal      |      Milestone:  Tor: unspecified
Component:  Tor         |        Version:
 Keywords:  tor-bridge  |  Actual Points:
Parent ID:              |         Points:
------------------------+----------------------------------
 There's an interesting question in the Tor StackExchange beta:

 {{{
 I'm guessing that a bridge uploads its ContactInfo to the bridge
 authority, so there's a point of contact for the Tor project.

 Is this information available to any other parties, i.e. users requesting
 bridges, or people randomly connecting to IP addresses looking for Tor
 installations?
 }}}

 In practice, users of a bridge will be able to learn the bridge's
 `ContactInfo` line, because they download the bridge's descriptor.

 But Tor people will have a hard time to do that, because this line is
 removed from bridge descriptors in the sanitizing process.  One needs
 access to the non-sanitized descriptors, which limits the set of people to
 maybe five.  I don't remember a single time in the past couple of years
 when we tried to contact bridge operators using provided contact
 information.

 This is rather unexpected for bridge operators, I'd think.  I guess most
 bridge operators would expect their contact information to be known to Tor
 project people and used for debugging only.

 Three options:
  1. We conclude we don't need the contact line for bridges, because we
 wouldn't contact the bridge operator anyway.  Bridges should remove that
 line from their descriptor before uploading.
  2. We decide this information is important and that we should have it
 available more easily.  We don't remove the `ContactInfo` line when we
 sanitize bridge descriptors.
  3. We don't change anything, because everything's fine as it is.  At
 least now we know this information is theoretically available to a few Tor
 people and definitely available to bridge users.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9854>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list