[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
posting hidden service descriptors
I am trying to sort out a few low-level details about hidden services.
I know that hidden servers must post their descriptors to the DAs
anonymously to avoid exposing their IP addresses. Is this done through
a normal (i.e. three hop) circuit? I suspect it is not because in
src/or/circuitbuild.c there is a condition for creating one-hop tunnels
and a log message "Launching a one-hop circuit for dir tunnel."
My concern here is that using a one-hop circuit exposes the origin of
the hidden service to that onion router (i.e. the one-hop). Even if the
data the one-hop relays to the DA from the OP is encrypted, the one-hop
still learns an IP address which originates some hidden service
(although, it may not be certain which one exactly).