[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #31857 [Core Tor]: Consider adopting vanguard's security suggestions for onionbalance
#31857: Consider adopting vanguard's security suggestions for onionbalance
-------------------------------------------------+-------------------------
Reporter: asn | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs scaling onionbalance | Actual Points:
network-team-roadmap-september tor-spec |
Parent ID: #26768 | Points:
Reviewer: | Sponsor:
| Sponsor27-can
-------------------------------------------------+-------------------------
Comment (by mikeperry):
In particular, the most important is property that it should be possible
for an onion service to use onionbalance without giving away how many
back-end onionbalance instances there are.
Second to that, and ideally, it would be best if it is possible for a
service to use onionbalance v3 without it being obvious to clients that
the service is using onion balance at all. So the HSv3 descriptor
structure should be the same formatting for onionbalamce case as for the
vanilla HSv3 case, and not have different orderings, different numbers of
IPs, or recognizable signing oddities.
I'm not sure if this is even feasible with whatever cryptographic tricks
we're doing to support v3 (I wish I paid more attention when we were
brainstorming among options :/), but maybe there is still a way?
After that, the actual vanguards integration and juggling of the state
file is just a nice-to-have.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31857#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs