[tor-bugs] #28275 [Core Tor/Tor]: hs-v3: Rotate intro points and close RP circuits when removing client auth service side

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 15 20:17:08 UTC 2018


#28275: hs-v3: Rotate intro points and close RP circuits when removing client auth
service side
---------------------------------------+-----------------------------------
 Reporter:  dgoulet                    |          Owner:  (none)
     Type:  defect                     |         Status:  new
 Priority:  Very High                  |      Milestone:  Tor:
                                       |  0.3.5.x-final
Component:  Core Tor/Tor               |        Version:  Tor:
                                       |  0.3.5.1-alpha
 Severity:  Normal                     |     Resolution:
 Keywords:  tor-doc, tor-hs, 035-must  |  Actual Points:
Parent ID:                             |         Points:
 Reviewer:                             |        Sponsor:
---------------------------------------+-----------------------------------
Changes (by dgoulet):

 * keywords:  security, tor-hs => tor-doc, tor-hs, 035-must


Comment:

 This has become a documentation issue that is mentioning that if you
 remove a client from the client authorization list, the real way to revoke
 its access is to restart the service.

 > Sounds good to me. Perhaps we can even add a log msg warning the user if
 a client was revoked?

 Right now, tor can't differentiate between a client that is removed vs a
 client added. The change would require some work for this logic thus we
 can't log a warning "only on removal" for now.

 It doesn't prevent us I guess to have a notice (would probably limit it to
 only once) there regardless of an addition or removal on how to really
 revoke a client that is restarting tor.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28275#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list