Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
Trac
Trac
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Create a new issue
  • Issue Boards

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • Legacy
  • TracTrac
  • Issues
  • #988

Closed (moved)
Open
Opened May 24, 2009 by Roger Dingledine@arma

Different TLS certs for incoming vs outgoing

We should learn to present different TLS certs for incoming connections vs outgoing connections.

The motivating example is bridges. They want to show the same identity to people who connect, yet behave like clients when they connect to other relays (e.g. change keys when they change IP addresses).

(Of course, this change would provide a new way to test for bridges: if a Tor connects to you, connect back and see if the cert is different. But at least that's an active test that requires the bridge to connect to you first. But then, the attack I describe above only kicks in when the bridge connects to you. Hm.)

[Automatically added by flyspray2trac: Operating System: All]

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
Tor: 0.2.2.x-final
Milestone
Tor: 0.2.2.x-final
Assign milestone
Time tracking
None
Due date
None
Reference: legacy/trac#988