[tor-bugs] #19163 [Core Tor/Tor]: Maybe RSOS single-hop circuits should always have ntor
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jul 5 13:39:12 UTC 2016
#19163: Maybe RSOS single-hop circuits should always have ntor
---------------------------------------------+-----------------------------
Reporter: teor | Owner: teor
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
Component: Core Tor/Tor | 0.2.???
Severity: Normal | Version:
Keywords: rsos, tor-hs, TorCoreTeam201607 | Resolution:
Parent ID: | Actual Points:
Reviewer: | Points: 0.5
| Sponsor:
---------------------------------------------+-----------------------------
Comment (by teor):
tor-spec.txt says "[The ntor handshake was added in Tor 0.2.4.8-alpha.]"
We no longer recommend versions before 0.2.4.26 or 0.2.5.11.
So let's simplify this patch by making sure every circuit, even single-hop
circuits, has at least one relay that supports ntor.
That's the easy part.
And it's a nice defence against protocol downgrade attacks.
This has the following implications:
* bridges must support ntor (we should warn if we connect to a bridge that
doesn't support ntor)
* guards must support ntor (we should only select guards with ntor)
* directory guards must support ntor (we should only select directory
guards with ntor)
* we should make sure that directories we select from the consensus have
ntor
* we should make sure that fallbacks have ntor (in the fallback script)
* this ensures directories we select from the hard-coded authority and
fallback lists have ntor
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19163#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list