Tom Ritter <tom@xxxxxxxxx> wrote:

> I've put together a slide deck that aims to provide a 100-foot
> overview on little-t tor and Tor Browser. 100 foot, meaning I go into
> a lot of technical detail, but not 10 or 1 foot which means some
> things are definitely glossed over or handwaved a little. My
> consistency with the 'foot level' throughout the deck varies a bit,
> but I think it's decent.
>
> Before I post it on twitter or a blog, I wanted to send it around
> semi-publicly to collect any feedback people think is useful. In
> particular:
[...]
> Slides are at: https://ritter.vg/p/tor-v1.2.pdf Yes - it is long.

Great. A couple of comments (about v1.3):

From page 68:

| RELAY_EARLY - We don't actually send EXTEND commands
| in a RELAY cell, we use RELAY_EARLY. If a node sees more
| than 8 RELAY_EARLY cells, it assumes you're trying to make
| an infinite circuit and dies

This could be interpreted to mean that the node stops functioning
for the whole network (trivial DoS) while the source suggests
that it merely closes the circuit.

Page 73 could mention that the .exit notation is disabled by default.

Page 124:

| PubKey Authorization (Auth Type 2) - Functionally implemented at
| a different HS Address & one-password authorization per client

s/implemented at/implemented as/

Page 138 specifies bandwidth without unit of time.

Page 141 and 142 seem to suggest that parsing strings is more
likely to be vulnerable than parsing binary data. Is that intended?

Is the source of the PDF available under a free license?

I'm currently preparing a (German) presentation about location hidden
block storage and could reuse the HS-related parts:
http://chaos.cologne/Fahrplan/events/6653.html

Fabian
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk