Re: posting hidden service descriptors

[Roger Dingledine <arma@xxxxxxx>]

On Tue, Mar 20, 2007 at 12:37:22PM -0400, James Muir wrote:
> I know that hidden servers must post their descriptors to the DAs 
> anonymously to avoid exposing their IP addresses.  Is this done through 
> a normal (i.e. three hop) circuit?

Yes.

>  I suspect it is not because in 
> src/or/circuitbuild.c there is a condition for creating one-hop tunnels 
> and a log message "Launching a one-hop circuit for dir tunnel."

No, one-hop circuits are for begin_dir cells. See 6.2.1 in
tor-spec.txt. They let you connect to a directory port in an encrypted
authenticated manner, which can also be handy when your local network
is filtering certain http requests or ports. The one-hop circuits
are intended for cases where currently you'd just be making a direct
connection: now you connect to the Tor server and ask to connect to
its dirport.

> My concern here is that using a one-hop circuit exposes the origin of 
> the hidden service to that onion router (i.e. the one-hop).

Yep. That would be bad.

>Even if the 
> data the one-hop relays to the DA from the OP is encrypted, the one-hop 
> still learns an IP address which originates some hidden service 
> (although, it may not be certain which one exactly).

Agreed.

--Roger