#19163: Maybe RSOS single-hop circuits should always have ntor
---------------------------------------------+-----------------------------
 Reporter:  teor                             |          Owner:  teor
     Type:  defect                           |         Status:  new
 Priority:  Medium                           |      Milestone:  Tor: 0.2.???
Component:  Core Tor/Tor                     |        Version:
 Severity:  Normal                           |     Resolution:
 Keywords:  rsos, tor-hs, TorCoreTeam201607  |  Actual Points:
Parent ID:                                   |         Points:  0.5
 Reviewer:                                   |        Sponsor:
---------------------------------------------+-----------------------------

Comment (by teor):

 tor-spec.txt says "[The ntor handshake was added in Tor 0.2.4.8-alpha.]"

 We no longer recommend versions before 0.2.4.26 or 0.2.5.11.

 So let's simplify this patch by making sure every circuit, even single-hop
 circuits, has at least one relay that supports ntor. That's the easy part.
 And it's a nice defence against protocol downgrade attacks.

 This has the following implications:
 * bridges must support ntor (we should warn if we connect to a bridge that
   doesn't support ntor)
 * guards must support ntor (we should only select guards with ntor)
 * directory guards must support ntor (we should only select directory
   guards with ntor)
 * we should make sure that directories we select from the consensus have
   ntor
 * we should make sure that fallbacks have ntor (in the fallback script)
 * this ensures directories we select from the hard-coded authority and
   fallback lists have ntor

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19163#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
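
An added example, not part of the ticket or of Tor's own code: a Python check for the "only select relays with ntor" items in the comment above. It assumes relay descriptors in dir-spec text form, where ntor support is advertised by an `ntor-onion-key` line carrying a base64 curve25519 key; the function names and the sample descriptors are hypothetical and constructed for illustration.

```python
import base64
import binascii

# Constructed 32-byte placeholder key, encoded without the trailing "="
# (dir-spec allows the padding to be omitted).
GOOD_KEY = base64.b64encode(bytes(range(32))).decode().rstrip("=")

# Constructed sample descriptors (documentation addresses, not real relays).
SAMPLE = f"""\
router relayA 192.0.2.10 9001 0 9030
ntor-onion-key {GOOD_KEY}
router relayB 192.0.2.11 9001 0 0
router relayC 192.0.2.12 443 0 0
ntor-onion-key AAAA
"""

def ntor_key(b64):
    """Return the decoded 32-byte key, or None if the value is malformed."""
    try:
        raw = base64.b64decode(b64 + "=" * (-len(b64) % 4), validate=True)
    except (binascii.Error, ValueError):
        return None
    return raw if len(raw) == 32 else None

def parse_descriptors(text):
    """Map nickname -> ntor key bytes (None when absent or invalid)."""
    relays, current = {}, None
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if parts[0] == "router" and len(parts) >= 2:
            current = parts[1]
            relays[current] = None          # no ntor until proven otherwise
        elif parts[0] == "ntor-onion-key" and current and len(parts) == 2:
            relays[current] = ntor_key(parts[1])
    return relays

def select_candidates(relays, bridges=()):
    """Return (relays usable as guard/directory/fallback, bridge warnings)."""
    usable = sorted(n for n, key in relays.items() if key is not None)
    warnings = [f"bridge {b} does not support ntor"
                for b in bridges if relays.get(b) is None]
    return usable, warnings

if __name__ == "__main__":
    print(select_candidates(parse_descriptors(SAMPLE), bridges=("relayC",)))
```

A key that is present but does not decode to 32 bytes (relayC here) is treated the same as a missing key, so a malformed descriptor cannot pass the filter.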