merc1984@xxxxxx: > > Does anyone know why TOR does not use DNSSEC? The only documentation I > found on the TORProject website for DNS does not actually explain how > DNS works on TOR. I infer it must be TCP, as TOR can not do UDP, and I > imagine that relay nodes must be the resolvers in order to resolve > .onion domains. But beyond that there is no information on how it > works. > > Seems to me that the lack of DNSSEC in TOR is a gigantic security hole. > (DNS cache poisoning) See proposal 219 for the status of current efforts: https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/219-expanded-dns.txt Please contribute if you can! -- Lunar <lunar@xxxxxxxxxxxxxx>
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev