Opened 8 months ago

Last modified 4 months ago

#33239 assigned enhancement

Prop 312: 3.2.3 Limit Directory Authority Addresses to Address and ORPort

Reported by: teor Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version:
Severity: Normal Keywords: prop312, tor-dirauth, security-low, 044-deferred
Cc: Actual Points:
Parent ID: #33049 Points: 1
Reviewer: Sponsor: Sponsor55-must

Description

For security reasons, directory authorities only use addresses that are
explicitly configured in their torrc. Since local interface addresses are
implicit, and may depend on DHCP, directory authorities do not use this
address resolution method (or any of the other, lower-priority address
resolution methods).

See proposal 312, section 3.2.3, directory authority case:
https://gitweb.torproject.org/torspec.git/tree/proposals/312-relay-auto-ipv6-addr.txt#n388

Child Tickets

Change History (6)

comment:1 Changed 6 months ago by teor

Owner: teor deleted

Un-assign myself from future Sponsor 55 tasks.

comment:2 Changed 6 months ago by teor

Keywords: security-low added

I think we should do #33237 and #33239, but they aren't urgent, so we should leave them until the end of the project.

comment:3 Changed 5 months ago by nickm

Keywords: 044-must added

Add 044-must to all security tickets in 0.4.4

comment:4 Changed 5 months ago by nickm

Keywords: 044-must removed

comment:5 Changed 4 months ago by nickm

Keywords: 044-deferred added
Milestone: Tor: 0.4.4.x-finalTor: unspecified

Bulk-remove tickets from 0.4.4. Add the 044-deferred label to them.

comment:6 Changed 4 months ago by nickm

Milestone: Tor: unspecified

Bulk-move prop311 and prop312 to 0.4.5

Note: See TracTickets for help on using tickets.