[tor-talk] How evil is TLS cert collection?

Robert Ransom rransom.8774 at gmail.com
Wed Mar 23 01:26:40 UTC 2011


On Mon, 21 Mar 2011 17:09:38 -0700
Mike Perry <mikeperry at fscked.org> wrote:

> Thus spake Robert Ransom (rransom.8774 at gmail.com):
> 
> > On Sun, 20 Mar 2011 17:58:06 -0700
> > Mike Perry <mikeperry at fscked.org> wrote:
> > 
> > > However, I'm not sure that this is going to work for Tor Browser
> > > Bundle users (which ships with HTTPS Everywhere) who may have the TBB
> > > on readonly USB keys or live cds.  They may end up being asked each
> > > time they start.
> > > 
> > > Is this a decent compromise? The other option is to not even bother to
> > > ask users who have a working tor installed, on the assumption that
> > > since we can submit certs through tor, it is always safe to do so. We
> > > may end up doing this instead of always asking them. Is this wrong? If
> > > so, why?
> > 
> > This ???phone-home??? behaviour is not safe for users who browse the web
> > over Tor until proposal 171 is implemented in Tor.  At best, it would
> > *only* fragment the anonymity set of Tor users.
> 
> The problem with 171 (SOCKS username/password to split streams across
> different circuits, for those playing at home) is that Firefox also
> lacks username and password fields in the proxy APIs for SOCKS, so we
> cannot do this for anyone except for TBB users.

Could you include a native-code SOCKS client library in the extension?


> But, if the EFF runs an exit enclave at observatory.eff.org, shouldn't
> this solve the same-circuit correlation problem? Tor should prefer
> using that exit enclave in all cases when it is up in this case.

This won't work if an exit node lies about the IP address of
‘observatory.eff.org’ (and it won't work reliably in any case).  Using
an EFF-run hidden service would fix that problem if we can make hidden
services work reliably again.


Robert Ransom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20110322/5e6a14a1/attachment.pgp>


More information about the tor-talk mailing list