[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] ICANN and .onion

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] ICANN and .onion
From: Anders Andersson <pipatron@xxxxxxxxx>
Date: Mon, 19 May 2014 11:24:06 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 19 May 2014 05:26:28 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=os3u3ri/gUgwMQ1ZkoGA5S+IYVVc2X/+itQodXWhrHw=; b=UYH+yHGbpamcQ5afi4ldRn+dEI5skHTCBpFBMIMoRdeQ8pV5c3rxQ3BUTmpeltMxg0 X8MD3m3VxkFsfdFiRJsFzWXYQHjHz+tDk+Yjh4kuNyC6pUjFLo/O/fbsXY39q4Z1rO04 puI8dF8BYL0fPFJRWHOdP1MsISclb93twE8jmTbMfGjKUmFP8FjeXg18C1ECI//ZF8OT ijwAhMkk9KDoJdMdXnX4clpgI31GX39rq7Hw5C4ZsnApqUKjHCAjKtycPB6W5D2RYeWQ JmAHprTtwkQHg656zB1HU8f7x/Ejs5hWqAG7Bd/UQ7MgsJPEFWF9z8nb7WhAwD0dVD30 5v7w==
In-reply-to: <CAD2Ti2855w-9q9rG87Xf7ZC1OWs2-jU00rtpgoC6+8yR56sdTQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAKkunMYSfq5uvN7JEy0Hav1q1eV72-Ch1Gbd6wTVz-DMDr+0ZQ@xxxxxxxxxxxxxx> <20140519035702.GY5842@xxxxxxxxxxxx> <CAD2Ti2855w-9q9rG87Xf7ZC1OWs2-jU00rtpgoC6+8yR56sdTQ@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Mon, May 19, 2014 at 7:06 AM, grarpamp <grarpamp@xxxxxxxxx> wrote:

> Users leaking dns / failing to redirect dns into tor is not a tor problem.
>

I think that's a rather arrogant point of view. If it was not a Tor
problem, .onion would not be needed in the first place. Tor developers do
seem to work hard on making it difficult for a user to accidentally leak
information, so simply saying that users "failing to redirect dns into tor
is not a tor problem" is a little counterproductive.

If someone would register .onion I see two problems:

1) A malevolent registrar could redirect all .onion lookups to their own
proxy, essentially routing all "hidden" traffic through their own machine.
At the moment, clicking a .onion link means that it either routes through
Tor, or it fails loudly: there's no risk clicking such a link. This
behaviour would change to something that either routes through Tor and
you're safe, or you think it routes through Tor but it's actually decoded
by a third part. I think that's a usability issue, and not something that
should simply be ignored. Maybe it's not something that can easily be
solved, but that is why there must be a discussion about it. Maybe the only
solution is to strongly warn users.

2) Useful websites could actually pop up under .onion, making a plugin that
takes over that domain seem intrusive and less attractive. This is less of
a problem I think.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] ICANN and .onion
  - From: Andrew Lewman
- Re: [tor-talk] ICANN and .onion
  - From: hellekin

References:
- [tor-talk] ICANN and .onion
  - From: Anders Andersson
- Re: [tor-talk] ICANN and .onion
  - From: Andrew Lewman
- Re: [tor-talk] ICANN and .onion
  - From: grarpamp

Prev by Author: [tor-talk] ICANN and .onion
Next by Author: Re: [tor-talk] General questions about Tor proxy
Previous by thread: Re: [tor-talk] ICANN and .onion
Next by thread: Re: [tor-talk] ICANN and .onion
Index(es):
- Author
- Thread