[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] ng-rend-spec and very public services



Hi,

So I was thinking, perhaps incorrectly, that ng-rend-spec doesn't do
enough to protect very public onion services. Sure, there are
advantages to the proposed changes. What if the adversary is also
someone who can derive the credentials? Encrypted descriptors don't do
much if you can throw SIGINT at HSDirs to determine when they're used.
Even less if you happen to be a HSDir who knows a list of public onion
services and you want to know if you're in possession of any of their
descriptors. If you happen to be using OnioNS you've got another
contributing factor in the form of the onion service lookup leaking
intent to resolve.

Tell me I'm just being paranoid.

--leeroy

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk