[tor-dev] Number of directory connections

tordev123 at Safe-mail.net tordev123 at Safe-mail.net
Fri Aug 21 16:58:48 UTC 2015

-------- Original Message --------
From: Yawning Angel <yawning at schwanenlied.me>
Subject: Re: [tor-dev] Number of directory connections
Date: Fri, 21 Aug 2015 16:49:18 +0000

>> It looks like when the consensus is older than 5 days, a directory authority is used (and the 
>> UseEntryGuardsAsDirGuards setting basically ignored).
>> I can't think of a good reason for that behavior. Is there a valid
>> security issue using an old consensus to fetch the current one from
>> the entry guard?
> Your entry guard being rejected as malicious by the DirAuths in the
> intervening time period.

But the new consensus would need to be signed by the directory authorities. Tor won't relay anything before it has the new valid consensus. So I don't see any issue with using a potentially malicious entry guard for obtaining the current consensus.

More information about the tor-dev mailing list