Proposal: Download consensus documents only when it will be trusted

Sebastian Hahn hahn.seb at
Mon Apr 14 05:45:05 UTC 2008

On Apr 14, 2008, at 2:19 AM, Nick Mathewson wrote:
> On Sun, Apr 13, 2008 at 05:19:15PM +0200, Peter Palfrader wrote:
>> Anonymity Implications:
>>  By supplying the list of authorities a client trusts to the  
>> directory
>>  server we leak information (like likely version of Tor client) to  
>> the
>>  directory server.  In the current system we also leak that we are
>>  very old - by re-downloading the consensus over and over again, but
>>  only when we are so old that we no longer can trust the consensus.
> Hm.  I don't think that the old approach leaks the exact version quite
> so immediately as the new one does, but I agree that the information
> extractable is about the same.

In case it is decided that this leakage is very bad, I thought of  

I do not know whether this will work technically, but couldn't the  
decide where to download from? I'm thinking of a "directory descriptor",
and a client asks for one of those at a location. If it is satisfied,  
it requests
the information from that directory, if not, it asks (at a different  
location) for
another descriptor, or a few of them at once. Do you think this could  

OT: Please someone tell me (on IRC or private mail) if my e-mail still  
has a
broken certificate, I'm really trying to fix that problem.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 163 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the tor-dev mailing list