changes file for bug11743

2025-02-23 14:40:51 +01:00 · 2014-05-06 16:28:34 -04:00 · 2014-05-06 16:28:34 -04:00 · ea570fa13c
commit ea570fa13c
parent 4a621a50f5
1 changed files with 15 additions and 0 deletions
--- a/changes/bug11743
+++ b/changes/bug11743
@ -0,0 +1,15 @@
+  o Major security fixes (directory authorities):
+
+    - Directory authorities now include a digest of each relay's
+      identity key as a part of its microdescriptor.
+
+      This is a workaround for bug #11743, where Tor clients do not
+      support receiving multiple microdescriptors with the same SHA256
+      digest in the same consensus. When clients receive a consensus
+      like this, they only use one of the relays. Without this fix, a
+      hostile relay could selectively disable client use of target
+      relays by constucting a router descriptor with a different
+      identity and the same microdescriptor parameters and getting the
+      authorities to list it in a microdescriptor consensus. This fix
+      prevents an attacker from causing a microdescriptor collision,
+      because the router's identity is not forgeable.