[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Sniffing OR-OR connections by rerouting them
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Sniffing OR-OR connections by rerouting them
- From: Roger Dingledine <arma@xxxxxxx>
- Date: Sun, 3 Jul 2005 07:32:40 -0400
- Delivered-to: email@example.com
- Delivered-to: firstname.lastname@example.org
- Delivered-to: email@example.com
- Delivery-date: Sun, 03 Jul 2005 07:32:51 -0400
- In-reply-to: <20050628110822.GA13478@itd.nrl.navy.mil>
- References: <20050627233607.GG40487@xs4all.nl> <firstname.lastname@example.org> <20050628110822.GA13478@itd.nrl.navy.mil>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Mutt/1.5.9i
Hey, this is a nice bug. Thanks for finding it, dvorak.
On Tue, Jun 28, 2005 at 07:08:22AM -0400, Paul Syverson wrote:
> For these and the reasons Adam raises it could also make sense for
> Alice to tell Bob the IP address she has for him. If it is acceptable,
> no action from Bob need be taken other than continuing the connection.
> If it is unknown/unacceptable, Bob can send back a currently acceptable
> alternative and then kill the connection.
I think this is probably the way to go. Once the connection is
established, Alice should send a cell indicating what IP:port she thought
she was connecting to. If Bob thinks this is scary, he can hang up.
Having Bob make these decisions is better, since we can make Bob smarter
down the road about what locations are acceptable, and Alice never has
I'm going to try to resist adding the 'currently acceptable alternative'
business, since most of the time everybody should have it right in the
first place, so this will be a rarely used feature that just adds bulk
(and risk) to the design. But if it turns out we need it, we can add it.