[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #17254 [Tor]: Scalable HSes by splitting intro/rendezvous

Subject: Re: [tor-bugs] #17254 [Tor]: Scalable HSes by splitting intro/rendezvous
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 14 Oct 2015 15:23:03 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 14 Oct 2015 11:23:12 -0400
In-reply-to: <044.2166a12988baf368f3c6ee8626da8937@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.2166a12988baf368f3c6ee8626da8937@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17254: Scalable HSes by splitting intro/rendezvous
-------------------------+------------------------------------
 Reporter:  TvdW         |          Owner:
     Type:  enhancement  |         Status:  needs_revision
 Priority:  Medium       |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor          |        Version:
 Severity:  Normal       |     Resolution:
 Keywords:  tor-hs       |  Actual Points:
Parent ID:               |         Points:  medium
  Sponsor:  SponsorR     |
-------------------------+------------------------------------
Changes (by asn):

 * cc: special (added)


Comment:

 Replying to [comment:11 teor]:
 > Replying to [comment:8 nickm]:
 > > Comments on the spec branch:
 > >    * I really don't like sending private keys around like this.  Is
 there any way to avoid it?
 >
 > I discussed an alternative design with TvdW, where the introduction side
 decrypts the blob using the introduction key, then hands off the decrypted
 fields to the rendezvous side. This avoids sending the key, so if the
 decrypted fields are exposed, only that rendezvous is affected. The
 tradeoff is increased decryption load on the introduction side.
 >
 > I think this change is worth it for the security improvement.

 It seems to me that if this new design goes forward, the feature will be
 almost equivalent to what #16059 needs for the "rendezvous approver" API.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17254#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #17254 [Tor]: Scalable HSes by splitting intro/rendezvous
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #17314 [Stem]: License for Erebus
Next by Author: Re: [tor-bugs] #17311 [Service - lists]: Please make tor-project@
Previous by thread: Re: [tor-bugs] #17254 [Tor]: Scalable HSes by splitting intro/rendezvous
Next by thread: Re: [tor-bugs] #17254 [Tor]: Scalable HSes by splitting intro/rendezvous
Index(es):
- Author
- Thread