On 09/27/2016 11:15 AM, Jeff Burdges wrote: > There were a couple reasons I stopped the work on integrating > GNS with Tor, which Christian asked me to do : First, I did not like > that users could confirm that a particular subdomain exists if they know > the base domain's public key. Second, I disliked the absence of the > collaborative random number generator protections you guys added to Tor. I am curious, what is your issue with the subdomains? Are you referring to enumerating all subdomains, or simply being able to confirm that a particular subdomain exists? If I know that google.com exists and I am looking for Google Maps, it seems reasonable that I might try to look up maps.google.com. I wasn't able to find a practical solution against enumeration for OnioNS, but I am curious what your exact concerns are here. -- Jesse
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev