Prop 312: 3.2.3 Limit Directory Authority Addresses to Address and ORPort
For security reasons, directory authorities only use addresses that are explicitly configured in their torrc. Since local interface addresses are implicit, and may depend on DHCP, directory authorities do not use this address resolution method (or any of the other, lower-priority address resolution methods).
See proposal 312, section 3.2.3, directory authority case: https://gitweb.torproject.org/torspec.git/tree/proposals/312-relay-auto-ipv6-addr.txt#n388
Activity
Trac:
Parent Ticket: legacy/trac#33049 (moved)added 044-deferred in Legacy / Trac component::core tor/tor in Legacy / Trac parent::33049 in Legacy / Trac points::1 in Legacy / Trac priority::medium in Legacy / Trac prop312 in Legacy / Trac security-low in Legacy / Trac severity::normal in Legacy / Trac sponsor::55-must in Legacy / Trac status::assigned in Legacy / Trac tor-dirauth in Legacy / Trac type::enhancement in Legacy / Trac labels
I think we should do legacy/trac#33237 (moved) and legacy/trac#33239 (moved), but they aren't urgent, so we should leave them until the end of the project.
Trac:
Keywords: N/A deleted, security-low addedmentioned in issue legacy/trac#33049 (moved)
moved from legacy/trac#33239 (moved)
mentioned in issue #33049 (closed)
added Feature + 1 deleted label and removed 1 deleted label
added Icebox label
changed milestone to %Tor: 0.4.5.x-freeze
mentioned in issue #33237 (closed)
AddressandORPorthave different meaning.The
Addressis the one you consider your relay accessible from so the one that will be published in the descriptor.The
ORPortis where to listen on. If noAddressexists, then it is used as the "primary" IP. And if no address is used with that option, address discovery continues onto the network interface and then local hostname DNS query.assigned to @dgoulet
mentioned in merge request !76 (merged)
closed via merge request !76 (merged)
added Security label and removed 1 deleted label
