[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] 100-Foot Overview on Tor

Tom Ritter <tom@xxxxxxxxx> wrote:

> I've put together a slide deck that aims to provide a 100-foot
> overview on little-t tor and Tor Browser. 100 foot, meaning I go into
> a lot of technical detail, but not 10 or 1 foot which means some
> things are definitely glossed over or handwaved a little. My
> consistency with the 'foot level' throughout the deck varies a bit,
> but I think it's decent.
> Before I post it on twitter or a blog, I wanted to sent it around
> semi-publicly to collect any feedback people think is useful. In
> particular:
> Slides are at: https://ritter.vg/p/tor-v1.2.pdf  Yes - it is long.


A couple of comments (about v1.3):

From page 68:
| RELAY_EARLY - We donât actually send EXTEND commands
| in a RELAY cell, we use RELAY_EARLY. If a node sees more
| than 8 RELAY_EARLY cells, it assumes youâre trying to make
| an infinite circuit and dies 

This could be interpreted to mean that the node stops functioning
for the whole network (trivial DoS) while the source suggests that
it merely closes the circuit.

Page 73 could mention that the .exit notation is disabled by default.

Page 124:
| PubKey Authorization (Auth Type 2) - Functionally implemented at
| a different HS Address & one-password authorization per client

s/implemented at/implemented as/

Page 138 specifies bandwidth without unit of time.

Page 141 and 142 seem to suggest that parsing strings is more
likely to be vulnerable than parsing binary data. Is that intended?

Is the source of the PDF available under a free license?

I'm currently preparing a (German) presentation about location
hidden block storage and could reuse the HS-related parts:


Attachment: pgpZERWFnQetV.pgp
Description: OpenPGP digital signature

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to