[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #17945 [Core Tor/Tor]: Stop single hop client connecting to (Rendezvous) Single Onion Services

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #17945 [Core Tor/Tor]: Stop single hop client connecting to (Rendezvous) Single Onion Services
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 02 Jul 2018 05:04:31 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 02 Jul 2018 01:04:42 -0400
In-reply-to: <044.6a3a98eea8b9710b6261ad208eb2c457@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.6a3a98eea8b9710b6261ad208eb2c457@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17945: Stop single hop client connecting to (Rendezvous) Single Onion Services
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  dgoulet
     Type:  enhancement                          |         Status:
                                                 |  accepted
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor2web, tor-hs, 029-proposed, 029   |  Actual Points:  0.4
  -teor-no, needs-design, needs-proposal-maybe,  |
  single-onion, review-group-33,                 |
  034-triage-20180328, 034-removed-20180328      |
Parent ID:  #24962                               |         Points:  5
 Reviewer:  asn, teor                            |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:58 arma]:
 > Am I missing something here, or did the #24902 change, where relays by
 default now try to tarpit establish-rendezvous requests that come directly
 from clients, accomplish the goals of this ticket? Or were the goals
 broader?

 There aren't any onion service single-hop proxies any more. And no onion
 service relay knows both the client and service address.

 But Tor2web still gives away client IP addresses by connecting directly to
 HSDirs and intro points. Maybe we want a consensus parameter to block this
 insecure behaviour if it causes trouble in future?

 * #22689 is for into points, which still get direct connections from
 Tor2web clients, but all services and other clients always use 3-hop
 connections
 * #22688 is for HSDirs, which still get direct connections from Tor2web
 clients, but all services and other clients always use 3-hop connections

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17945#comment:59>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #26647 [Core Tor/Tor]: defect: Spec for net/listeners/* doesn't covers HTTPTunnelPort directive
Next by Author: Re: [tor-bugs] #26817 [Core Tor/Tor]: Use NSS for DH
Previous by thread: Re: [tor-bugs] #17945 [Core Tor/Tor]: Stop single hop client connecting to (Rendezvous) Single Onion Services
Next by thread: Re: [tor-bugs] #4700 [Core Tor/Tor]: Tor should provide a mechanism for hidden services to differentiate authorized clients and circuits
Index(es):
- Author
- Thread