[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Special-use-TLD support

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Special-use-TLD support
From: Tim Wilson-Brown - teor <teor2345@xxxxxxxxx>
Date: Tue, 29 Sep 2015 09:42:54 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 29 Sep 2015 03:43:20 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:message-id :references:to; bh=jddiY4nLfXCLy59VAxJVI9mAJ1Fm4LTH/f/38F/8Uz0=; b=aoAzUdrskDrMQDoZwgSwv0dBw0Aj5+x3/pSUMcANnHWLzxq9Vr+heX6n8dPAT6hcaC kw5PQUH73zqMelt8f1e619WwGTXz30wHWVIxaPsNHyNrMyqfHzZg6GrtaFDjkww4vpX2 ftAPufPiyfdqUa/Ud7aOJQE5ywhmr3N8CF4PC6KV1BU1AhAfQxVYhNGVtfP8MHrlU4Xu ULIhXww2RpFTJmyAaIxYUu6ijukPztfUShBCpkL41KKUNfZXoXMWmo3g1xEoFfBdu3t/ /QHSKvufBoLWkide5T98jeYYvd82bsQG0ucIv+sem1qtDPOj9rfFOMBghgw1Cuc0639S 7JFg==
In-reply-to: <1443512383.1686.199.camel@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <1443376037.1686.18.camel@xxxxxxxxxx> <56086E5C.70906@xxxxxxxxx> <1443447266.1686.77.camel@xxxxxxxxxx> <5609E274.60006@xxxxxxxxx> <1443512383.1686.199.camel@xxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

On 29 Sep 2015, at 09:39, Jeff Burdges <burdges@xxxxxxxxxx> wrote:

The issue I do see is that SPV validation doesn't work well unless
you
ask multiple peers to make sure that you're getting the chain with
the
most PoW. So I gather that this would require connecting to Namecoin
peers running on multiple exit nodes. I don't think that's
problematic, but it would have to be taken into account.

This is no different from validation for existing DNS results. Tor
attempts to prevent this by building a list of bad exits, but it's
challenging to catch an exit that attacks only one website.

You could check multiple peers but that costs you some anonymity. If
you use many .bit names, this might expose the fact that you use
Namecoin to your guard.

How do you anticipate this exposure happening? Via traffic correlation?

As far as I understand, your guard only sees your encrypted traffic, and not your exit(s) or your DNS queries.

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Special-use-TLD support
  - From: Jeff Burdges
- Re: [tor-dev] Special-use-TLD support
  - From: Jeremy Rand
- Re: [tor-dev] Special-use-TLD support
  - From: Jeff Burdges
- Re: [tor-dev] Special-use-TLD support
  - From: Jeremy Rand
- Re: [tor-dev] Special-use-TLD support
  - From: Jeff Burdges

Prev by Author: Re: [tor-dev] Special-use-TLD support
Next by Author: Re: [tor-dev] Anycast Exits (related : Special-use-TLD support)
Previous by thread: Re: [tor-dev] Special-use-TLD support
Next by thread: Re: [tor-dev] Special-use-TLD support
Index(es):
- Author
- Thread