Opened 4 months ago

Last modified 11 days ago

#33239 assigned enhancement

Prop 312: 3.2.3 Limit Directory Authority Addresses to Address and ORPort

Reported by: teor Owned by:
Priority: Medium Milestone: Tor: 0.4.4.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: prop312, tor-dirauth, security-low
Cc: Actual Points:
Parent ID: #33049 Points: 1
Reviewer: Sponsor: Sponsor55-must

Description

For security reasons, directory authorities only use addresses that are
explicitly configured in their torrc. Since local interface addresses are
implicit, and may depend on DHCP, directory authorities do not use this
address resolution method (or any of the other, lower-priority address
resolution methods).

See proposal 312, section 3.2.3, directory authority case:
https://gitweb.torproject.org/torspec.git/tree/proposals/312-relay-auto-ipv6-addr.txt#n388

Child Tickets

Change History (4)

comment:1 Changed 5 weeks ago by teor

Owner: teor deleted

Un-assign myself from future Sponsor 55 tasks.

comment:2 Changed 5 weeks ago by teor

Keywords: security-low added

I think we should do #33237 and #33239, but they aren't urgent, so we should leave them until the end of the project.

comment:3 Changed 11 days ago by nickm

Keywords: 044-must added

Add 044-must to all security tickets in 0.4.4

comment:4 Changed 11 days ago by nickm

Keywords: 044-must removed
Note: See TracTickets for help on using tickets.