[tor-bugs] #28275 [Core Tor/Tor]: hs-v3: Rotate intro points and close RP circuits when removing client auth service side

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Nov 5 13:55:34 UTC 2018


#28275: hs-v3: Rotate intro points and close RP circuits when removing client auth
service side
------------------------------+------------------------------------
 Reporter:  dgoulet           |          Owner:  (none)
     Type:  defect            |         Status:  needs_information
 Priority:  Very High         |      Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor      |        Version:  Tor: 0.3.5.1-alpha
 Severity:  Normal            |     Resolution:
 Keywords:  security, tor-hs  |  Actual Points:
Parent ID:                    |         Points:
 Reviewer:                    |        Sponsor:
------------------------------+------------------------------------
Changes (by dgoulet):

 * status:  new => needs_information


Comment:

 I'm fine with not closing all RP circuits as long as we document it
 properly and that the solution for "really revoking" a client would be to
 restart tor in this case.

 As for rotating intro points, old descriptor can still connect if we don't
 meaning that all "new" requests like arma mentions will still work.

 However, the reachability impact is pretty strong especially if the
 service does that every let say 5 minutes... Again, we could simply
 document that if you want the "really revoking" access, then restart tor.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28275#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list