On Wed, 19 Sep 2012 02:05:30 -0400
Gregory Maxwell <gmaxwell@xxxxxxxxx> wrote:

> It seems to me that there is a common expectation that onion urls
> provide a degree of name privacy -- generally, if someone doesn't know
> your name they can't find you to connect to you. If someone violates
> that expectation it risks harming people until the new risks are well
> known (and still even then some, as no matter how well known it is
> some people will miss the fact that something enumerates the darn
> things)

From tor manual:

HiddenServiceAuthorizeClient auth-type client-name,client-name,...

   If configured, the hidden service is accessible for authorized
   clients only. The auth-type can either be 'basic' for a
   general-purpose authorization protocol or 'stealth' for a less
   scalable protocol that also hides service activity from
   unauthorized clients. Only clients that are listed here are
   authorized to access the hidden service. Valid client names are 1
   to 19 characters long and only use characters in A-Za-z0-9+-_ (no
   spaces). If this option is set, the hidden service is not
   accessible for clients without authorization any more. Generated
   authorization data can be found in the hostname file. Clients need
   to put this authorization data in their configuration file using
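
A torrc check built on the manual text quoted above, added here as an example (it is not part of the original message or of Tor itself): it reports which hidden services have no HiddenServiceAuthorizeClient line and flags auth-types or client names that break the quoted rules. It assumes each option applies to the nearest preceding HiddenServiceDir; the function names, paths and client names are made up for illustration.

```python
import re

# Rules taken from the manual text quoted above.
AUTH_TYPES = {"basic", "stealth"}
CLIENT_NAME = re.compile(r"[A-Za-z0-9+\-_]{1,19}")

def audit_torrc(text):
    """Map each HiddenServiceDir to 'basic', 'stealth', 'invalid' or None,
    and collect (line number, message) findings for malformed options."""
    services, findings, current = {}, [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split(None, 1)  # drop comments, split key/value
        if not parts:
            continue
        key, value = parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""
        if key == "hiddenservicedir":
            current = value
            services[current] = None  # no authorization seen yet
        elif key == "hiddenserviceauthorizeclient":
            if current is None:
                findings.append((lineno, "no preceding HiddenServiceDir"))
                continue
            auth_type, names = (value.split(None, 1) + ["", ""])[:2]
            bad = [n for n in names.split(",") if not CLIENT_NAME.fullmatch(n)]
            if auth_type not in AUTH_TYPES:
                findings.append((lineno, f"unknown auth-type {auth_type!r}"))
            for n in bad:
                findings.append((lineno, f"invalid client name {n!r}"))
            ok = auth_type in AUTH_TYPES and not bad
            services[current] = auth_type if ok else "invalid"
    return services, findings

def open_services(services):
    """Directories of services with no client authorization configured."""
    return [d for d, auth in services.items() if auth is None]

# Constructed sample torrc (paths and client names are made up).
SAMPLE = """\
SocksPort 9050
HiddenServiceDir /var/lib/tor/wiki/
HiddenServicePort 80 127.0.0.1:8080
HiddenServiceAuthorizeClient stealth alice,bob
HiddenServiceDir /var/lib/tor/files/
HiddenServicePort 22 127.0.0.1:22
HiddenServiceDir /var/lib/tor/chat/
HiddenServicePort 6667 127.0.0.1:6667
HiddenServiceAuthorizeClient basic carol,this-client-name-is-too-long
"""

if __name__ == "__main__":
    services, findings = audit_torrc(SAMPLE)
    print(services, findings, open_services(services), sep="\n")
```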
