
Re: [tor-dev] Proposal: Single onion services



tordev123@xxxxxxxxxxxxx wrote:

> Doesn't your proposal imply that you are turning all relays into
> exit-nodes lite? The last relay in the path will know what service you are
> connecting to (at least if that service is hosted with a unique relay),
> right?

A single onion service operates its own server(s). These servers accept OR
connections like a relay does, but they aren’t required to be in the
consensus or to relay traffic. They are the servers listed in the
descriptor.

A client connects by extending a circuit to the single onion server. This is
not the same as an exit connection: tor relays will extend circuits to
relays they don't know about, as long as the destination speaks the tor
protocol. It’s possible for any tor relay to be used as the last one before
the single onion server.

If the single onion server isn’t also a tor relay, it’s possible for the
previous relay to guess the service you’re connecting to. This isn’t a risk
to client anonymity, because tor clients will always choose the first three
hops in a circuit before extending to one they didn’t choose. The final
circuit looks like:

Client -> Guard -> Middle -> Middle -> Single Onion

The client’s traffic is encrypted through to the single onion server as
well.

> 
> Have you considered all the implications?

Maybe we’ve missed some - what implications are you thinking of, that aren’t
addressed in the proposal?

Note that all tor relays are already willing to extend circuits to an
arbitrary IP:port - that is not a new behavior, and it’s not thought to be
dangerous.

- special
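The circuit shape argued for above, as an added example that is not part of the original message and is not Tor's own path-selection code: a toy model in which the client picks three hops from a consensus and then extends to the server address taken from the service descriptor, recording what each hop can see. The relay names, the addresses and the consensus itself are constructed for the illustration; the point it demonstrates is that only the guard sees the client's address and only the relay adjacent to the single onion server sees the service's address.

```python
"""Toy model of:  Client -> Guard -> Middle -> Middle -> Single Onion

Each relay on a circuit learns only the addresses of its two neighbours.
This model builds the circuit the way the message describes (the client
chooses its first three hops itself, then extends to the server listed in
the descriptor, which need not be in the consensus) and records the view
each hop gets. Everything below is constructed; no real relays or services.
"""
import random
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed consensus: relay nickname -> "ip:port" (documentation addresses).
CONSENSUS: Dict[str, str] = {
    "relayA": "192.0.2.10:9001",
    "relayB": "192.0.2.11:9001",
    "relayC": "192.0.2.12:443",
    "relayD": "192.0.2.13:9001",
    "relayE": "192.0.2.14:9001",
}


@dataclass
class Hop:
    name: str
    addr: str
    prev_addr: Optional[str] = None  # address this hop sees on its inbound side
    next_addr: Optional[str] = None  # address this hop was told to extend to


def choose_client_hops(consensus: Dict[str, str], rng: random.Random, n: int = 3) -> List[str]:
    """The client picks n distinct relays from the consensus (guard + middles)."""
    return rng.sample(sorted(consensus), n)


def build_circuit(client_addr: str, consensus: Dict[str, str],
                  descriptor_addr: str, rng: Optional[random.Random] = None) -> List[Hop]:
    """Return the hops of the finished circuit with per-hop knowledge filled in.

    The first three hops are chosen by the client; the last hop is the
    single onion server's address as published in its descriptor. The last
    relay extends to it exactly as it would to any IP:port that speaks the
    tor protocol, whether or not that address appears in the consensus.
    """
    rng = rng or random.Random(0)
    names = choose_client_hops(consensus, rng)
    hops = [Hop(n, consensus[n]) for n in names] + [Hop("single-onion", descriptor_addr)]
    prev = client_addr
    for i, hop in enumerate(hops):
        hop.prev_addr = prev
        hop.next_addr = hops[i + 1].addr if i + 1 < len(hops) else None
        prev = hop.addr
    return hops


def who_knows(hops: List[Hop], client_addr: str, service_addr: str) -> List[Tuple[str, bool, bool]]:
    """For each hop in order: (name, sees the client's address, sees the service's address)."""
    view = []
    for hop in hops:
        neighbours = (hop.prev_addr, hop.next_addr)
        view.append((hop.name, client_addr in neighbours, service_addr in neighbours))
    return view


if __name__ == "__main__":
    client, service = "198.51.100.7:9001", "203.0.113.5:9001"
    for name, sees_client, sees_service in who_knows(build_circuit(client, CONSENSUS, service), client, service):
        print(f"{name:14} sees client={sees_client!s:5} sees service={sees_service}")
```

Run as a script, the output shows the guard as the only hop that sees the client and the third hop as the only relay that sees the service's address; the service itself sees only the relay that extended to it, which is the "guess the service, but not the client" property the message relies on.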

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev