[tor-bugs] #28095 [Core Tor/Tor]: dirauth key pinning can be bypassed sometimes?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 17 21:10:07 UTC 2018
#28095: dirauth key pinning can be bypassed sometimes?
------------------------------+------------------------------
Reporter: catalyst | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: tor-dirauth
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+------------------------------
It looks like sometimes key pinning can be bypassed. One example is in
#27800, where it seems that an ed25519 key got shared between two relays.
(Or maybe that's two iterations of the same relay, where the operator
rolled the RSA key but not the ed25519 key.)
Fixing this the "right" way might involve keeping multiple versions of a
relay descriptor around, with metadata about which vote or consensus it
goes with.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28095>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
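
A simplified model of two-way identity pinning, in which the pair the ticket describes (a new RSA key presented with an already-pinned ed25519 key) is flagged as a mismatch. This is an added example, not code from the ticket or from Tor; the type and function names are hypothetical and the key ids are constructed labels.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical pin table: each RSA id and each ed25519 id may appear once. */
#define MAX_PINS 64
#define ID_LEN 48

enum pin_result { PIN_ADDED, PIN_FOUND, PIN_MISMATCH, PIN_REJECTED };

struct pin { char rsa[ID_LEN]; char ed[ID_LEN]; };
struct pin_table { struct pin pins[MAX_PINS]; int n; };

/* Check an (RSA id, ed25519 id) pair; pin it only if both keys are unseen.
 * The pair is a mismatch when either key is already bound to a different
 * partner, so rolling one key while keeping the other is detected from
 * both directions. */
enum pin_result pin_check_and_add(struct pin_table *t,
                                  const char *rsa, const char *ed)
{
    /* Refuse oversized ids instead of truncating them into a false match. */
    if (strlen(rsa) >= ID_LEN || strlen(ed) >= ID_LEN)
        return PIN_REJECTED;
    for (int i = 0; i < t->n; i++) {
        int same_rsa = strcmp(t->pins[i].rsa, rsa) == 0;
        int same_ed = strcmp(t->pins[i].ed, ed) == 0;
        if (same_rsa && same_ed)
            return PIN_FOUND;
        if (same_rsa || same_ed)
            return PIN_MISMATCH;
    }
    if (t->n >= MAX_PINS)
        return PIN_REJECTED;
    strcpy(t->pins[t->n].rsa, rsa);
    strcpy(t->pins[t->n].ed, ed);
    t->n++;
    return PIN_ADDED;
}

int main(void)
{
    struct pin_table t;
    memset(&t, 0, sizeof t);
    /* Constructed ids: relay first seen, then the same ed25519 key
     * arriving with a different RSA key. */
    printf("first:  %d\n", pin_check_and_add(&t, "RSA-AAAA", "ED-1111"));
    printf("rolled: %d\n", pin_check_and_add(&t, "RSA-BBBB", "ED-1111"));
    return 0;
}
```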