[tor-bugs] #20831 [Core Tor/Tor]: Support existing guard torrc options better with new guard code, or deprecate them.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Dec 13 18:48:37 UTC 2016
#20831: Support existing guard torrc options better with new guard code, or
deprecate them.
-------------------------------------------------+-------------------------
Reporter: nickm | Owner: nickm
Type: defect | Status:
| needs_review
Priority: High | Milestone: Tor:
| 0.3.0.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-guard regression | Actual Points: .2
TorCoreTeam201612 |
Parent ID: #20822 | Points: 2
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by asn):
Patch looks plausible, but I'm not entirely sold yet.
I'm not 100% persuaded that `NumDirectoryGuards==3` actually offers much
security, if the top primary guard is malicious. I remember the argument
about malicious directory guards refusing to serve relay descriptors, but
I kinda feel that we are screwed anyway if the top primary guard is evil
since all circuits are going to go through it anyhow.
Also, the patch only supports multiple entry guards when it comes to
primary guards, and does not try to generalize the logic to the other
guard picking cases. A spec patch is definitely useful for this.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20831#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list