[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Hidden Services - Access control.
On 10/3/14, LluÃs <msl12@xxxxxxxxxxxxxxxx> wrote:
> SocksPolicy policy,policy,...
> Being "policy" the same form as exit policies.
> Since I can "reject" anyone but me, this will act as a kind of
> a firewall for hidden services. Am I right ?
this is not correct; think of SocksPort as a way for clients to use
the Tor program to access the Tor network; like TransPort and DNSPort.
this does not affect reachability of the hidden services you are
serving with your Tor instance.
> Finally, I think "Lunar" is right, the "HiddenServiceAuthorizeClient"
> option might be useful for me.
seems so. the reason i mention PKI is a defense in depth
configuration where Tor access to hidden services are in a domain
distinct from services where key material for authentication and
privacy are used. Tor == network layer, TLS == application layer,
each in their own restricted runtime.
to each their threat models...
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to