Scott Bennett wrote: > a) are running an obsolete version of tor (0.1.2.19) under LINUX, > which is far enough back to be a security problem due to the SSL > key generation bug in LINUX,
If the key generation problem refers to what I think, and just for the record, that was only a problem for Debian and Debian derived distributions of Linux. <snipped other reasons> > That much, IMO, ought to justify removal of their Valid flags by the > authorities. In the meantime, I have them all in my ExcludeNodes list, and > I recommend that all relay operators concerned about security in tor do > likewise. My comment above should *not* be construed to mean I disagree with this conclusion.