[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

posting hidden service descriptors

To: or-talk@xxxxxxxxxxxxx
Subject: posting hidden service descriptors
From: James Muir <jamuir@xxxxxxxxxxxxxxx>
Date: Tue, 20 Mar 2007 12:37:22 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 20 Mar 2007 12:37:32 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.10 (X11/20070306)

I am trying to sort out a few low-level details about hidden services.

I know that hidden servers must post their descriptors to the DAs anonymously to avoid exposing their IP addresses. Is this done through a normal (i.e. three hop) circuit? I suspect it is not because in src/or/circuitbuild.c there is a condition for creating one-hop tunnels and a log message "Launching a one-hop circuit for dir tunnel."

My concern here is that using a one-hop circuit exposes the origin of the hidden service to that onion router (i.e. the one-hop). Even if the data the one-hop relays to the DA from the OP is encrypted, the one-hop still learns an IP address which originates some hidden service (although, it may not be certain which one exactly).

-James

Follow-Ups:
- Re: posting hidden service descriptors
  - From: Karsten Loesing
- Re: posting hidden service descriptors
  - From: Roger Dingledine

Prev by Author: Re: Not enough networkstatus documents to launch requests
Next by Author: Re: posting hidden service descriptors
Previous by thread: 502 Bad Gateway
Next by thread: Re: posting hidden service descriptors
Index(es):
- Author
- Thread