Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

Subject: Re: [tor-dev] Proposition: Applying an AONT to Prop224 addresses?

From: Alec Muffett <alec.muffett@xxxxxxxxx>

Date: Mon, 3 Apr 2017 16:40:52 +0100

Delivery-date: Mon, 03 Apr 2017 11:41:15 -0400

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=vpdTlj5z9xaVOdHurvr4aybEN/PJcS2V86h4GNTRXQE=; b=L48nKSAcWYOp/opq30lK4Wdr1bfnId4cyuEYEQA0hlpdS3qw/yYS9Q4GL2YVY+8EXV 46bcVRpsf8G/RJoUw9+yLSpb4rWfJk77BuZhJZQdH8z7rDdRDcTmJo05uL8mEsJPGGs9 EkXyRDeBINldwkPepjEnEocHiuBufVk2glt9fSnF0MmPUIhKj07jOPGFBq3p7RGazDJM bkmyTvNIIcv78XZwruphlif3qCpzdndoKx/EM6P6paakOhtkvJQfs6VpnyeuAYUkP+Gq zBy5URU045rRobcCWd89Egr8xc27ZmYJ/swIJo82Vf7fOTcw+6xGrviUD3BHE63VNR98 ytkQ==

In-reply-to: <20170403144826.GA28540@thunk.cs.uwaterloo.ca>

List-archive: <http://lists.torproject.org/pipermail/tor-dev/>

List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>

List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>

List-post: <mailto:tor-dev@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>

References: <CAFWeb9+Z8BvVvxsDNsCVZ5YJx3id+fLdefcT0_u+hzcvJhftnA@mail.gmail.com> <20170326201958.GU28540@thunk.cs.uwaterloo.ca> <20170326204218.GX28540@thunk.cs.uwaterloo.ca> <CAFWeb9J-Hozkh4uzMYfM+-4V2tShH1+xT5nBf=kCpL4UNzZtAQ@mail.gmail.com> <20170327055942.GY28540@thunk.cs.uwaterloo.ca> <20170327085834.GZ28540@thunk.cs.uwaterloo.ca> <87zifxd7ds.fsf@riseup.net> <CAFWeb9JjchfFC+wivmTy6gb8cAokhqrrTGo=UEH9ZdnwCDpfeQ@mail.gmail.com> <20170403144826.GA28540@thunk.cs.uwaterloo.ca>

Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

On 3 Apr 2017 3:48 p.m., "Ian Goldberg" <iang@xxxxxxxxxxxxxxx> wrote:

The other thing to remember is that didn't we already say that

facebookgbiyeqv3ebtjnlntwyvjoa2n7rvpnnaryd4a.onion

and

face-book-gbiy-eqv3-ebtj-nlnt-wyvj-oa2n-7rvp-nnar-yd4a.onion

will mean the same thing? So we're already past the "one (st)ring to
rule them all" point?

That's a great point, and I'm definitely interested and in favour of readability.

How about this, though: I know that Tor doesn't want to be in the business of site reputation, but what if (eg) Protonmail offers a Onion "Safe Browsing" extension some day, of known-bad Onions for malware reasons?

There's quite a gulf between stripping hyphens from a candidate onion address and doing strcmp(), versus either drilling into the candidate address to compute the alternative forms to check against the blacklist, or even requiring the blacklist to be 8x larger?

-a

_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev