On 3 April 2017 at 13:04, George Kadianakis <desnac...@riseup.net> wrote:
> I'm calling it weird because I'm not sure how an
> attacker can profit from being able to provide two addresses that
> correspond to the same key, but I can probably come up with a few
> scenarios if I think about it.

Hi George!

I'll agree it's a weird edge case :-)

I think the reason my spider-sense is tingling is because years of cleaning up after intrusions has taught me that sysadmins and human beings are very bad at non-canonical address formats, especially where they combine them with either blacklisting, or else case-statements-with-default-conditions.

If one creates scope for saying "the address is <foo>.onion but you can actually use <foo'>.onion or <foo''>.onion which are equivalent" - then someone will somehow leverage that either a) for hackery, or b) for social engineering.

Compare:

* http://017700000001
* http://2130706433
* http://0177.0.0.1 <- this one tends to surprise people
* http://127.0.0.1

…and the sort of fun shenanigans that can be done with those "equivalent forms"

People who've been trained not to type [X] into their browser, might be convinced to type [X']

It's a lot easier for people to cope with there being one-and-only-one viable form for any given hostname or address-representation.

    -a

--
http://dropsafe.crypticide.com/aboutalecm
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
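The "equivalent forms" point in the message above, as an added example that is not part of the original post: a small inet_aton-style parser showing that all four listed hosts reduce to one dotted quad, and that a literal string blacklist only matches one of them. The function names and the blocklist are assumptions made for illustration.

```python
# Added example: canonicalise inet_aton-style IPv4 host strings before matching.
BLOCKED = {"127.0.0.1"}  # constructed blocklist, for illustration only
# Host parts of the four URLs listed in the post.
SAMPLES = ["017700000001", "2130706433", "0177.0.0.1", "127.0.0.1"]


def parse_part(text):
    """Parse one component as hex (0x..), octal (leading 0) or decimal."""
    lower = text.lower()
    if lower.startswith("0x"):
        digits, base = lower[2:], 16
    elif len(lower) > 1 and lower.startswith("0"):
        digits, base = lower[1:], 8
    else:
        digits, base = lower, 10
    allowed = "0123456789abcdef"[:base]
    if not digits or any(c not in allowed for c in digits):
        raise ValueError(f"bad component: {text!r}")
    return int(digits, base)


def canonical_ipv4(host):
    """Return the dotted-quad form of a 1- to 4-part numeric IPv4 host."""
    parts = [parse_part(p) for p in host.split(".")]
    if len(parts) > 4:
        raise ValueError("too many components")
    *head, tail = parts
    # Leading parts are one byte each; the last part fills the remaining bytes.
    if any(p > 0xFF for p in head) or tail >= 256 ** (4 - len(head)):
        raise ValueError("component out of range")
    value = tail
    for i, p in enumerate(head):
        value |= p << (8 * (3 - i))
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def naive_blocked(host):
    """String comparison only: what a literal blacklist entry catches."""
    return host in BLOCKED


def canonical_blocked(host):
    """Compare after canonicalisation; non-numeric hosts are not matched here."""
    try:
        return canonical_ipv4(host) in BLOCKED
    except ValueError:
        return False
```

Matching on the canonical form is what gives the "one-and-only-one viable form" property for the comparison, whatever spelling arrives.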