Proposal: Download consensus documents only when it will be trusted
Sebastian Hahn
hahn.seb at web.de
Mon Apr 14 05:45:05 UTC 2008
On Apr 14, 2008, at 2:19 AM, Nick Mathewson wrote:
> On Sun, Apr 13, 2008 at 05:19:15PM +0200, Peter Palfrader wrote:
>>
>> Anonymity Implications:
>>
>> By supplying the list of authorities a client trusts to the
>> directory
>> server we leak information (like likely version of Tor client) to
>> the
>> directory server. In the current system we also leak that we are
>> very old - by re-downloading the consensus over and over again, but
>> only when we are so old that we no longer can trust the consensus.
>
> Hm. I don't think that the old approach leaks the exact version quite
> so immediately as the new one does, but I agree that the information
> extractable is about the same.
In case it is decided that this leakage is very bad, I thought of
something:
I do not know whether this will work technically, but couldn't the
client
decide where to download from? I'm thinking of a "directory descriptor",
and a client asks for one of those at a location. If it is satisfied,
it requests
the information from that directory, if not, it asks (at a different
location) for
another descriptor, or a few of them at once. Do you think this could
work?
OT: Please someone tell me (on IRC or private mail) if my e-mail still
has a
broken certificate, I'm really trying to fix that problem.
Thanks
Sebastian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 163 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20080414/46cef3d2/attachment.pgp>
More information about the tor-dev
mailing list