diff options
author | Nick Mathewson <nickm@torproject.org> | 2014-02-06 17:08:50 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2014-02-07 10:45:34 -0500 |
commit | 1068e50aecefac8469991884afc08b6ecb24e740 (patch) | |
tree | 90329bd25af1be5d58152d25321b10cbb9202b43 /changes | |
parent | a7e946596d6da9aca80456141b7fddbc198c217c (diff) | |
download | tor-1068e50aecefac8469991884afc08b6ecb24e740.tar tor-1068e50aecefac8469991884afc08b6ecb24e740.tar.gz |
Discard circuit paths on which nobody supports ntor
Right now this accounts for about 1% of circuits over all, but if you
pick a guard that's running 0.2.3, it will be about 6% of the circuits
running through that guard.
Making sure that every circuit has at least one ntor link means that
we're getting plausibly good forward secrecy on every circuit.
This implements ticket 9777,
Diffstat (limited to 'changes')
-rw-r--r-- | changes/feature9777 | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/changes/feature9777 b/changes/feature9777 new file mode 100644 index 000000000..312b5e034 --- /dev/null +++ b/changes/feature9777 @@ -0,0 +1,3 @@ + o Minor features: + - Avoid using circuit paths if no node in the path supports the ntor + circuit extension handshake. Implements ticket 9777. |