#7139: Tor involuntarily sets TLS session tickets
-----------------------------------+----------------------------------------
    Reporter:  nextgens            |        Type:  defect
      Status:  needs_review        |    Priority:  major
   Milestone:  Tor: 0.2.2.x-final  |   Component:  Tor
     Version:                      |    Keywords:  tor-relay ssl tls security pfs
      Parent:                      |      Points:
Actualpoints:                      |
-----------------------------------+----------------------------------------

Comment(by nickm):

 Hm.  So, I buy the "more attack surface than necessary" argument as a
 reason to put it in 0.2.3 and later, but I don't think the swapping
 argument necessarily holds water.

 If we're worried about the key material getting used to encrypt tickets
 getting swapped out to disk, we also need to worry about the session key
 material getting swapped out, surely.  If you're swapping and your swap
 isn't encrypted, I don't think you get PFS guarantees.

 I could be missing something crucial there--am I?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7139#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
