[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: OnionCat -- An IP-Transparent TOR Hidden Service Connector



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

F. Fox @ 2008/06/26 02:39:
> 7v5w7go9ub0o wrote:
> (snip)
>> This actually creates another question (not to be argumentative :-) ).
> 
>> Given that there is no exit node, would an OnionCat to OnionCat
>> connection over TOR need to be encrypted? Is it plain-text anywhere
>> along the line?
> (snip)
> 
> No, it wouldn't need extra encryption - a hidden-service connection has
> end-to-end encryption by its very nature.
> 

unless the nodes in the circuit were all using compromised ssh keys due
to that recent debian bug, or other unknown future bugs.  in this case,
extra encryption might be the saving grace.


-----BEGIN PGP SIGNATURE-----

iD8DBQFIYyWuXhfCJNu98qARCGJUAJ9Ut8Am0xRq+02RfGByWgnyZIBJiwCgocIz
UIeYXJYR7+wg+3trT8TMILo=
=rspm
-----END PGP SIGNATURE-----