Jeremy Rand: > Hi Tor community! > > As we all know, onion services have rather unwieldy randomly derived > base32-encoded names. This is, of course, a reasonable design, given > the design constraints that onion services have to deal with. And it > works pretty well, all things considered. > > That said, the unmemorable names are also a UX problem, especially for > users who are new to Tor and therefore are accustomed to DNS. Many Tor > users don't consistently check .onion services' names for correctness, > which introduces the risk of phishing attacks. > > So, the Namecoin developers and the Tor Browser developers are running > an experiment, and we'd love to get some feedback from the community. > The currently available Nightly builds of Tor Browser (currently only > GNU/Linux) include optional support for using Namecoin as a naming layer > for onion services. > > To try it out, once you have a Nightly version of Tor Browser for > GNU/Linux installed, try running it with the environment variable > "TOR_ENABLE_NAMECOIN=1". The following domains can be used to test the > support: > > http://federalistpapers.bit/ > http://onionshare.bit/ > http://riseuptools.bit/ > http://submit.theintercept.bit/ > http://submit.wikileaks.bit/ > > These domains are held by Namecoin community members who are happy to > donate them to the "rightful" owners on request. However, since they > haven't been donated *yet*, don't rely on these domains for security > (e.g. you should *not* use this to submit documents to The Intercept). > > For somewhat more detailed instructions (e.g. if you don't know how to > get a Tor Browser nightly build, or if you don't know how to set > environment variables), see my workshop notes from the 36C3 Critical > Decentralization Cluster: > > https://www.namecoin.org/resources/presentations/36C3/tor-workshop/ > > Like any experiment, this experiment is only as good as the feedback we > get. So, if you try it out, please let us know how it goes! Specifically: > > * If it works well for you, please let us know via this thread on the > tor-talk mailing list. > * If you find a bug or otherwise have suggestions for how we could > improve it, please let us know via this thread as well. (Or, if you're > comfortable with Trac, you can report it as a ticket on Trac; please use > the "Tor Browser" component and add "namecoin" to the keywords list so > that the right people notice the ticket.) > > If you're curious about the behind-the-scenes work that went into this > (and you're not afraid of technical details), my talk at the 36C3 > Critical Decentralization Cluster may be interesting to you. See the > following links: > > 36C3 CDC Slides: > https://www.namecoin.org/resources/presentations/36C3/Adventures_and_Experiments_Adding_Namecoin_to_Tor_Browser_36C3_CDC.pdf > > 36C3 CDC Video: https://youtu.be/mc51zyflpa8?t=22638 > > Cheers! Relaying a couple of test reports from other venues to this tor-talk thread so that the right people see them. Masayuki Hatta tested the Namecoin support at 36C3 and posted feedback (including a demo video) on Twitter: https://mobile.twitter.com/mhatta/status/1211651565280468996 LinuxReviews.org posted an article in February about the Namecoin support, including a screenshot they took of it working. https://linuxreviews.org/The_Nightly_Tor_Browser_Build_Has_Support_For_Namecoin_Domain_Names More test reports would be very helpful; if anyone on this list would like to test it out and report back (even if it's as short a report as "it works fine"), it would be greatly appreciated. Cheers! -- -Jeremy Rand Lead Application Engineer at Namecoin Mobile email: jeremyrandmobile@xxxxxxxxxx Mobile OpenPGP: 2158 0643 C13B B40F B0FD 5854 B007 A32D AB44 3D9C Send non-security-critical things to my Mobile with OpenPGP. Please don't send me unencrypted messages. My business email jeremy@xxxxxxxxxxx is having technical issues at the moment.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk