[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: OSI 1-3 attack on Tor? in it.wikipedia

On Wed, Feb 13, 2008 at 02:42:14PM -0500, Paul Syverson wrote:
> On Wed, Feb 13, 2008 at 10:54:57AM -0800, Seth David Schoen wrote:
> > Paul Syverson writes:
> > 
> > > "The Onion Router" would make no sense in any case. It would
> > > imply that there was one amongst the c. 2K onion routers currently out
> > > there carrying traffic that is the genuine article.
> > 
> > I think it makes sense to call the _software_ "the onion router" and
> > any individual node "an onion router" (akin to "the Apache web server"
> > and "an Apache web server", "the Squid proxy" and "a Squid proxy").
> > 
> Fair enough. Although it still doesn't seem right with me.
> What is that web server running on? The Apache web server.
> What are you proxying through? The squid proxy.
> Notice that `server' and `proxy' are part of the question.  Perhaps if
> people asked questions like, "Which anonymity router is on that node?"
> and there were onion routers and crowds routers or freedom routers or
> something I could hear "The Onion Router" without cringing. But so far
> that seems unlikely. 'Tor' is a nice because it is ambiguous between
> software, network, project, 501(c)3, etc. not to mention its parsing.
> (I like the recursive reading of it best.) And don't get me started on
> regretting going along with the title of the Tor design paper,
> multiple things wrong with that title. ;>)

Was cleaning my spam traps and several messages in this thread were
in them, so I reread the thread and had a further reflection on
why "The Onion Router" just seems wrong and makes me cringe when
I hear it. (The cringe came first. The explanations will dribble out.
It's kind of also how I do math or system design.)

Another important distinction between, e.g., Apache and Tor is that
the Apache software is for a web _server_. The Tor software is for
both an onion router and a client. In the first generation of onion
routing these were integrated in a much more P2P way (although not
intended to be P2P in the usual sense because we were focused on
enterprises and enclaves running it, not individuals).In the second
generation we separated the need to always run an onion router if you
are running a client. In the third generation (Tor) this separation
continues. So, for first generation onion routing, one could perhaps
sensibly refer to the software as "The Onion Router". But since about
late 1996, it has made no sense for another reason than the
ones I gave above: If "the Apache web server" referred to software
that was used both for the web server and (far more widely) for a web
client then it would be analogous to onion routing (second or third
gen). But if that were the case, then I don't think anyone would refer
to the software as "the Apache web server" since it would not be only
the web server, just as Tor is not only the onion router but also the

Yours persnickety,