[tor-dev] Number of directory connections
tordev123 at Safe-mail.net
tordev123 at Safe-mail.net
Fri Aug 21 16:58:48 UTC 2015
-------- Original Message --------
From: Yawning Angel <yawning at schwanenlied.me>
Subject: Re: [tor-dev] Number of directory connections
Date: Fri, 21 Aug 2015 16:49:18 +0000
>> It looks like when the consensus is older than 5 days, a directory authority is used (and the
>> UseEntryGuardsAsDirGuards setting basically ignored).
>>
>> I can't think of a good reason for that behavior. Is there a valid
>> security issue using an old consensus to fetch the current one from
>> the entry guard?
>
> Your entry guard being rejected as malicious by the DirAuths in the
> intervening time period.
But the new consensus would need to be signed by the directory authorities. Tor won't relay anything before it has the new valid consensus. So I don't see any issue with using a potentially malicious entry guard for obtaining the current consensus.
More information about the tor-dev
mailing list