From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 6 May 2014 20:28:34 +0000 (-0400)
Subject: changes file for bug11743
X-Git-Tag: tor-0.2.5.5-alpha~96^2~3
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ea570fa13c3305406790125d01de301b3f894ab1;p=thirdparty%2Ftor.git

changes file for bug11743
---

diff --git a/changes/bug11743 b/changes/bug11743
new file mode 100644
index 0000000000..89e4bbc2b1
--- /dev/null
+++ b/changes/bug11743
@@ -0,0 +1,15 @@
+  o Major security fixes (directory authorities):
+
+    - Directory authorities now include a digest of each relay's
+      identity key as a part of its microdescriptor.
+
+      This is a workaround for bug #11743, where Tor clients do not
+      support receiving multiple microdescriptors with the same SHA256
+      digest in the same consensus. When clients receive a consensus
+      like this, they only use one of the relays. Without this fix, a
+      hostile relay could selectively disable client use of target
+      relays by constucting a router descriptor with a different
+      identity and the same microdescriptor parameters and getting the
+      authorities to list it in a microdescriptor consensus. This fix
+      prevents an attacker from causing a microdescriptor collision,
+      because the router's identity is not forgeable.