#18938: Authorities should reject non-ASCII content in ExtraInfo descriptors ----------------------------------+------------------------------------ Reporter: teor | Owner: Type: defect | Status: new Priority: Medium | Milestone: Tor: 0.2.9.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: needs-proposal-maybe | Actual Points: Parent ID: #18656 | Points: 1 Reviewer: | Sponsor: ----------------------------------+------------------------------------
Comment (by Sebastian): I don't like Nick's easy fix I think. The dirauths that upgrade often are also the ones that do the important stuff (badexit, bwauth) so you might be able to ensure you don't get the badexit flag by putting non-ascii into your descriptor. To the parser argument, I kinda think the ship has sailed for anything that wants to be able to parse historic descriptors. I'm still in favor of not allowing arbitrary bytes in contact info going forward, but I think we should have it in relays before we have it in dirauths. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18938#comment:14> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs