[tor-bugs] #24818 [Core Tor/Tor]: Make the hard-coded authorities into a separate include file with a standard format
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 2 11:40:42 UTC 2018
#24818: Make the hard-coded authorities into a separate include file with a
standard format
-------------------------------------------------+-------------------------
Reporter: teor | Owner: teor
Type: enhancement | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: torspec, tor-dirauth, | Actual Points:
034-triage-20180328 |
Parent ID: | Points: 1
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
Replying to [comment:18 nickm]:
> Replying to [comment:14 teor]:
> > Do you want to rephrase any of this existing text?
> >
> > Libraries SHOULD parse and cache the most recent version of these
lists
> > during their build or release processes. Libraries MUST NOT
retrieve the
> > lists by default every time they are deployed or executed.
>
> I'd suggest maybe:
>
> Library developers SHOULD be sure that they ship the most recent
version of these lists, and SHOULD check for the freshness of these lists
as part of their build or release process. Library developers SHOULD NOT
automatically replace these files without human intervention.
>
> I think auto-fetching these, even with https, is a dangerous idea.
In a different spec review, nickm also noted that "key_value SP key_value"
is technically ambiguous. We don't have that construct in this spec,
because we only have one key_value per line. But we do have the similarly
ambiguous "key_value SP+".
Let's exclude space from value to resolve this ambiguity.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24818#comment:24>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list