[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] hidden services 2.0 brainstorming

I think the concept of hidden services has a lot potential. Not only
because they are hidden. Let's face it:
- You get a free domain for live.
- You get transparent, free end to end encryption. No flawed root CA system.
- That's something remarkable, isn't it?

With some modifications/improvements they could be potentially used for
any website, such as as e-commerce, google, twitter, facebook etc.

hidden services "1.0" as of July 2012 features:
- "optional" [1] client anonymity
- "optional" [2] server anonymity
- somewhat slow both, when client anonymity and server anonymity are active
- free live time domain
- no domain registrar can mess up
- somewhat [3] secure
- very few useful legitimate hidden services exist [4]

ideas for hidden services "2.0":
- Marketing: Free domain for live!
- Marketing: Safer than SSL!
- "optional" [1] client anonymity
- "optional" server anonymity
- add an option to let the server and/or client connect non-anonymously [6]
- somewhat slow both, client anonymity and server anonymity are active
- fast if only one uses anonymity
- very fast if none use anonymity
- establish new human friendly name system [7]
- improved stability, reachability, performance and dos protection features

- More legitimate hidden services. Better reputation for Tor.
- Real solution for the flawed root CA system.
- Say goodbye to the DNS hierarchy system, DNS spoofing etc. Free
domains, domain security depends on local security, not on registrar /
DNS system.
- Tor gets more known and gets more relay / bridge contributors.
- Safes exit bandwidth.

[1] Optional because if Tor2webMode is set to 1: Tor connects to hidden
services non-anonymously. As far I know it connects to the rondevouz
point directly, server of course stays anonymous.
[2] There are exit enclaves. The server acts as exit and allows to exit
to it's own IP.
[3] Please don't make that the topic here. What I mean is the domain
name may not be long enough, weak sha1 hash and the encryption keys are
not the most up to date, strongest ones.
[4] Depends on opinion, anyway, much more legitimate and useful servers
can not hurt. Let's not make this the topic here.
[5] One hop circuit or can you even make a 0 hop circuit, i.e. direct
[6] Non-anonymous domains could use something else, not .onion.
[7] There is already at least one proposal, pet name system.
tor-talk mailing list