[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Hidden services on Tor versions 0.1.2.x should be upgraded soon!

Hash: SHA1

Hi folks,

if you run a hidden service on Tor version 0.1.2.x or lower, you should
upgrade to 0.2.0.x or 0.2.1.x soon. Otherwise, people running Tor
versions 0.2.2.x or higher won't be able to reach your hidden service.

Why is this the case? We added a new format for hidden service
descriptors in 0.2.0.x and made hidden services and clients speak both
the old and the new format. 0.2.1.x didn't change that. But in 0.2.2.x
we have just dropped support for the old format. Speaking both formats
at the same time means an unnecessary message overhead that we have to
stop at some point. That means that a hidden service running 0.1.2.x and
a client running 0.2.2.x won't be able to connect; the same applies to
hidden services on 0.2.2.x and clients on 0.1.2.x.

This is also a reminder that 0.1.2.x is obsolete. End-of-life for
0.1.2.x was announced in February 2009 [0]. There are known security
holes in 0.1.2.x that are fixed in later versions. Please upgrade!

- --Karsten

[0] http://archives.seul.org/or/announce/Feb-2009/msg00000.html
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org