6 Nov
2015
6 Nov
'15
4:11 a.m.
On 29 October 2015 at 11:25, Nick Mathewson nickm@freehaven.net wrote:
There are two possible ways a new connection to a directory authority can be established, directly by a TCP connection to the DirPort, or tunneled inside a Tor circuit and initiated with a begindir cell. The client can originate the former as direct connections or from a Tor exit, and the latter either as fully anonymized circuits or one-hop links to the dirauth's ORPort.
Relays fetch the consensus from a V2Dir. Thus there is no risk that an attacker can prevent an exit from fetching a consensus by (trying to) DOS the DirAuths through it. I believe that's correct, just wanted to say it out loud and let everyone confirm I guess.
-tom