2014-05-06 22:28:34 +02:00
|
|
|
o Major security fixes (directory authorities):
|
|
|
|
|
|
|
|
|
|
- Directory authorities now include a digest of each relay's
|
|
|
|
|
identity key as a part of its microdescriptor.
|
|
|
|
|
|
2014-05-08 04:23:19 +02:00
|
|
|
This is a workaround for bug #11743 (reported by "cypherpunks"),
|
|
|
|
|
where Tor clients do not
|
2014-05-06 22:28:34 +02:00
|
|
|
support receiving multiple microdescriptors with the same SHA256
|
|
|
|
|
digest in the same consensus. When clients receive a consensus
|
|
|
|
|
like this, they only use one of the relays. Without this fix, a
|
2014-05-08 04:23:19 +02:00
|
|
|
hostile relay could selectively disable some client use of target
|
2014-05-06 22:28:34 +02:00
|
|
|
relays by constucting a router descriptor with a different
|
|
|
|
|
identity and the same microdescriptor parameters and getting the
|
|
|
|
|
authorities to list it in a microdescriptor consensus. This fix
|
|
|
|
|
prevents an attacker from causing a microdescriptor collision,
|
|
|
|
|
because the router's identity is not forgeable.
|
