[tor-bugs] #24818 [Core Tor/Tor]: Make the hard-coded authorities into a separate include file with a standard format
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Feb 7 16:45:34 UTC 2018
#24818: Make the hard-coded authorities into a separate include file with a
standard format
-------------------------------------------------+-------------------------
Reporter: teor | Owner: teor
Type: enhancement | Status:
| needs_review
Priority: Medium | Milestone: Tor:
| 0.3.4.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: torspec, tor-dirauth, review- | Actual Points:
group-29, review-group-31 |
Parent ID: #24786 | Points: 1
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by nickm):
Replying to [comment:14 teor]:
> Do you want to rephrase any of this existing text?
>
> Libraries SHOULD parse and cache the most recent version of these
lists
> during their build or release processes. Libraries MUST NOT retrieve
the
> lists by default every time they are deployed or executed.
I'd suggest maybe:
Library developers SHOULD be sure that they ship the most recent
version of these lists, and SHOULD check for the freshness of these lists
as part of their build or release process. Library developers SHOULD NOT
automatically replace these files without human intervention.
I think auto-fetching these, even with https, is a dangerous idea.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24818#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list