Re: [tor-bugs] #19642 [Core Tor/Tor]: Add a descriptor line for Single Onion Services
#19642: Add a descriptor line for Single Onion Services
--------------------------------------------------------------------------
Reporter: teor
Owner: dgoulet
Type: enhancement
Status: accepted
Priority: Medium
Milestone: Tor: 0.2.???
Component: Core Tor/Tor
Version:
Severity: Normal
Resolution:
Keywords: tor-hs, rsos, sos, 030-proposed, prop224, TorCoreTeam201609
Actual Points:
Parent ID: #17238
Points: 0.5
Reviewer:
Sponsor: SponsorR-can
--------------------------------------------------------------------------
Comment (by teor):
We do encode both IPv4 and IPv6 addresses in the prop224 descriptor, and
#17178 has single onion services retry a multi-hop path if the single-hop
path is unreachable. #19662 will do the same thing for Tor2web. And #19745
will block
So we can get the desired behaviour without a proposal change:
* Tor2web always connects to HSDirs using a 3-hop path to avoid denial of
service (#20104)
* When a HSDir, intro, or rend might become a one-hop proxy, it refuses
(#17945)
* When Tor2web (#19662) or Single Onion Services (#19663) fail to connect,
they retry with a 3-hop path
But this still gives the intro and rend point both the Tor2web and single
onion service IP addresses, even if they don't successfully connect.
So the remaining work in this ticket is:
* a single onion service must put a "client-must-multi-hop" line in the
unencrypted part of the HS descriptor
* all clients must multi-hop to HSDirs, intro points and rend points with
this line in their descriptors:
* the HSDir must refuse to serve descriptors with this line to Tor2web
clients (this will block Tor2web to Single Onion Services until Tor2web
clients upgrade to #20104 - is this a good idea?)
* HSDir, intro and rend also refuse connections with non-relays on both
sides
This prevents HSDir, intro and rend points knowing both sides' IP
addresses, and reduces connection failures (except in the Tor2web HSDir
case).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19642#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
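
The reasoning in the comment above, as an added toy model (not Tor source code and not part of the original message): with refuse-and-retry alone, an intro or rend point still observes both peers on the first attempt, while the proposed "client-must-multi-hop" line removes that attempt. The function names, the constructed descriptor text, the 1-hop/3-hop path lengths and the treatment of a Tor2web client as a one-hop client are assumptions of the model.

```python
# Added illustration: a toy model of the ticket's reasoning, not Tor code.
MULTI_HOP_LINE = "client-must-multi-hop"  # line name proposed in the comment

# Constructed sample of the unencrypted descriptor part (not a real descriptor).
PLAIN_DESC = "hs-descriptor 3\ndescriptor-lifetime 180\n"
FLAGGED_DESC = PLAIN_DESC + MULTI_HOP_LINE + "\n"


def requires_multi_hop(plaintext: str) -> bool:
    """True if any line's keyword is exactly the proposed descriptor line."""
    return any(l.split()[:1] == [MULTI_HOP_LINE] for l in plaintext.splitlines())


def hsdir_serves(client_is_one_hop: bool, plaintext: str) -> bool:
    """Proposed HSDir rule: never serve a flagged descriptor to a one-hop client."""
    return not (client_is_one_hop and requires_multi_hop(plaintext))


def connect(client_is_tor2web: bool, service_is_single_onion: bool, plaintext: str):
    """Model one client reaching an intro/rend point.

    Returns (client hop counts attempted, relay_saw_both_ips).
    """
    service_hops = 1 if service_is_single_onion else 3
    # A Tor2web client goes one-hop unless the descriptor tells it not to.
    first = 1 if client_is_tor2web and not requires_multi_hop(plaintext) else 3
    attempts, saw_both = [], False
    for hops in (first, 3):
        attempts.append(hops)
        both_direct = hops == 1 and service_hops == 1
        # The relay learns both peer addresses as soon as both sides connect
        # directly, even though it then refuses the connection (#17945).
        saw_both = saw_both or both_direct
        if not both_direct:
            break  # accepted; otherwise fall through to the 3-hop retry
    return attempts, saw_both


if __name__ == "__main__":
    for desc_name, desc in (("no line", PLAIN_DESC), ("with line", FLAGGED_DESC)):
        print(desc_name, connect(True, True, desc))
```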