[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: OnionCat -- An IP-Transparent TOR Hidden Service Connector



On Thursday 26 June 2008, F. Fox wrote:
> 7v5w7go9ub0o wrote:
> (snip)
>
> > This actually creates another question (not to be argumentative :-) ).
> >
> > Given that there is no exit node, would an OnionCat to OnionCat
> > connection over TOR need to be encrypted? Is it plain-text anywhere
> > along the line?
>
> (snip)
>
> No, it wouldn't need extra encryption - a hidden-service connection has
> end-to-end encryption by its very nature.
>
> However - if I understand it right - a connection over OnionCat would
> still need strong authentication for a service like VNC (say, through
> SSH), regardless of the presence of encryption.

Yes of course you do need authentication anyway!!!
Because everybody who knows the onion-id (or IPv6-derivative can also connect 
to your hidden service (OnionCat) through TOR.

Bernhard

Attachment: signature.asc
Description: This is a digitally signed message part.