[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal: Single onion services



tordev123@xxxxxxxxxxxxx wrote:
>> The final circuit looks like:
>> 
>> Client -> Guard -> Middle -> Middle -> Single Onion
>> 
>> The clientâs traffic is encrypted through to the single onion server as
>> well.
> 
> IMO, the second Middle relay can be considered serving as an exit with regards to Single Onion services - that's what I meant with 'exit node lite'.
> 
> There was the case of an Austrian exit node operator getting prosecuted. It will sometimes be possible to attribute traffic relating to specific transactions to the second Middle node in the path (e.g. when the single onion server keeps detailed logs). So the circumstances of that case could apply to a non-exit relay operator as well.
> 
> Your proposal is shifting non-exit relays towards performing a role that can be considered exit-like, even if that role is much more limited than normal exits (and there is an additional Tor protocol layer involved).

I see at least two important distinctions:

1) A single onion service is intentionally supporting tor users. Unlike an exit relay, youâre never connecting to anything that isnât explicitly intended to accept tor.

2) The second middle relay in this circuit has no useful information - even less than an exit relay in a traditional circuit.

I donât think this role can be considered âexit-likeâ in any way. A single onion service is effectively part of the tor network, even if itâs not relaying other traffic.

- special

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev