[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Talks of hidden services and DNS



The tricky part will be deciding who is authoritative for the DNS records. 
If any user can submit a name, what if its already taken? Does it 
overwrite, or is it first-come, first-serve? If its distributed, then a 
rogue operator could serve false responses for a target name. If this is 
something that the tor "core" would operate, it still needs some form of 
authentication to manage/update/remove/etc.... and authentication seems 
to be the exact opposite of what tor is supposed to provide.

-HD

On Sunday 11 March 2007 21:10, Kasimir Gabert wrote:
> I do not see any major security holes that this would bring up.  It
> seems to me like it would be the same as accessing google.com through
> Tor -- the DNS is looked up through Tor and so it would not be
> overridden by a malicious ISP or country.