[tor-bugs] #11525 [Metrics Data Processor]: Sanitize bridge descriptors containing old identity keys
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 15 09:47:04 UTC 2014
#11525: Sanitize bridge descriptors containing old identity keys
------------------------------------+---------------------
Reporter: karsten | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Metrics Data Processor | Version:
Keywords: | Actual Points:
Parent ID: | Points:
------------------------------------+---------------------
Proposal 230 adds support for relays and bridges to migrate from one
identity key to another. A relay or bridge that uses this new feature
switches to a new identity key and includes information about its old
identity key in its server descriptor.
In particular, the following data will be included:
- old RSA 1024 public identity key (not SHA-1 fingerprint),
- date and time of migration, and
- signature of date and time of migration and new identity key
fingerprint, made with old identity key.
Sanitized bridge descriptors need to contain sanitized versions of these
new fields. For example, we cannot include the full old public identity
key, nor the old public identity key fingerprint. In general, we remove
all crypto from sanitized bridge descriptors. Here's a suggestion of what
we could include:
{{{
"old-rsa1024-id-fingerprint" SP FINGERPRINT SP ISO-TIME NL
}}}
We'll want to add support for parsing this field in metrics-lib.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11525>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list