--- On Tue, 4/28/09, Scott Bennett <[email protected]> wrote:

> From: Scott Bennett <[email protected]>
> Subject: Re: 25 tbreg relays in directory
> To: [email protected]
> Date: Tuesday, April 28, 2009, 12:57 AM
[cut for clarity]
>      That brings up something that has bothered me for a
> long time.  When
> tor discovers that its version doesn't match any in
> either client-versions
> or server-versions, it currently writes complaints about it
> to the log(s),
> but seems to do nothing further about it.  I'd like to
> see either of the
> following.
> 
>       a) Addition of three lines to the consensus documents to
> prevent use
>          of unsafe versions of tor
[etc...cut for clarity]
I also agree that there should be version checking, i didn't even know it 
wasn't done so already... :(
I would furthermore suggest to build a version fingerprint that uses some 
remotely calculated CRC value of the client.
My reason for that is to prevent the tor network to be poluted by specialy 
"tweaked/altered" versions, which might endanger the security of the whole 
network.
(Let your imagination do a free run on possibilities in such cases).
By "remotely calculated CRC-value of the client" i mean that the destination 
does the CRC calculation of the connecting client.
Yes this means the client needs to send all of its binary-self to the 
destination.
After this CRC-value has been calculated _once_ by a destination, that 
destination should announce the presence of the client to the whole network if 
its a valid client (not matter in what mode it runs).
These CRC-values could be centrally maintained by the tor-development center 
and made accessible public or by a hidden service.

IMHO, this kind of "login procedure to enter the tor-network" will make it more 
secure and manageable.
Again, i have _no_ idea at present how the tor program handles things at 
present, so if its already done like that or even better just disregard what i 
wrote :D


      

Reply via email to