[tor-bugs] #27286 [Core Tor/Tor]: Update recommended and required protocol versions for "LinkAuth"
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Aug 23 15:20:43 UTC 2018
#27286: Update recommended and required protocol versions for "LinkAuth"
------------------------------+--------------------------------
Reporter: nickm | Owner: nickm
Type: defect | Status: assigned
Priority: Medium | Milestone: Tor: 0.3.5.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID: #26631
Points: | Reviewer:
Sponsor: Sponsor8 |
------------------------------+--------------------------------
LinkAuth method 1 is the one where we pull the TLS master secrets out of
the OpenSSL data structures and authenticate them with RSA. LinkAuth
method 3 is the one where we use the RFC5705 key export mechanism and
Ed25519 signatures; it is not supported in 0.2.9.
Right now we list method 1 as required for clients and relays. That's a
problem, since we can't reasonably support it with NSS.
We should at least say that method 1 is not required for clients, and
method 3 is recommended for everybody.
Should any method be required for relays? I don't think so currently,
since we don't want to kick anybody off the network.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27286>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list