Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
Trac
Trac
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Create a new issue
  • Issue Boards

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • Legacy
  • TracTrac
  • Issues
  • #9854

Closed (moved)
Open
Opened Sep 30, 2013 by Karsten Loesing@karsten

Removing or not sanitizing ContactInfo lines in bridge descriptors

There's an interesting question in the Tor StackExchange beta:

I'm guessing that a bridge uploads its ContactInfo to the bridge
authority, so there's a point of contact for the Tor project.

Is this information available to any other parties, i.e. users requesting
bridges, or people randomly connecting to IP addresses looking for Tor
installations?

In practice, users of a bridge will be able to learn the bridge's ContactInfo line, because they download the bridge's descriptor.

But Tor people will have a hard time to do that, because this line is removed from bridge descriptors in the sanitizing process. One needs access to the non-sanitized descriptors, which limits the set of people to maybe five. I don't remember a single time in the past couple of years when we tried to contact bridge operators using provided contact information.

This is rather unexpected for bridge operators, I'd think. I guess most bridge operators would expect their contact information to be known to Tor project people and used for debugging only.

Three options:

  1. We conclude we don't need the contact line for bridges, because we wouldn't contact the bridge operator anyway. Bridges should remove that line from their descriptor before uploading.
  2. We decide this information is important and that we should have it available more easily. We don't remove the ContactInfo line when we sanitize bridge descriptors.
  3. We don't change anything, because everything's fine as it is. At least now we know this information is theoretically available to a few Tor people and definitely available to bridge users.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
Tor: 0.2.4.x-final
Milestone
Tor: 0.2.4.x-final
Assign milestone
Time tracking
None
Due date
None
Reference: legacy/trac#9854