[tor-bugs] #18938 [Core Tor/Tor]: Authorities should reject non-ASCII content in ExtraInfo descriptors
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun May 1 08:47:05 UTC 2016
#18938: Authorities should reject non-ASCII content in ExtraInfo descriptors
------------------------------------------------+--------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
Component: Core Tor/Tor | 0.2.???
Severity: Normal | Version:
Keywords: 029-proposed, needs-proposal-maybe | Resolution:
Parent ID: #18656 | Actual Points:
Reviewer: | Points: small
| Sponsor:
------------------------------------------------+--------------------------
Changes (by teor):
* keywords: 029-proposed => 029-proposed, needs-proposal-maybe
Comment:
Migrating the consensus version with this change could be interesting, I
suggest we do the following:
* if, at vote time, the current consensus version is >=
MIN_VERSION_TO_EXCLUDE_NON_ASCII_DIR_DOCS, authorities exclude relays with
descriptors containing non-ascii characters from their votes
* to avoid a consensus split, authorities always accept uploaded
descriptors, containing non-ascii characters, if they are uploaded from
other authorities
* authorities with this bugfix reject all uploaded documents, including
descriptors and extra-info, containing non-ascii characters
* this gives relay operators ample warning to modify their contact lines
* relays also do this validation before upload
Separately, perhaps in conjunction with prop224:
* hidden service directories validate and reject (encrypted) hidden
service descriptors containing non-ascii characters
* clients validate and reject (decrypted) hidden service descriptors
containing non-ascii characters
* hidden services also do this validation before upload
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18938#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list