[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] DNS resolution isolation in Tor Browser




On 15 Jun 2018, at 09:16, nusenu <nusenu-lists@xxxxxxxxxx> wrote:


Thanks for the replies.


Does tor simply assume (try) that the exit policy allows the destination
address (not the port) or does it check the exit policy before selecting
the circuit?
(in that case it would have to know the destination IP
before building or at least selecting the circuit to use)

Most tor clients use microdescriptors, which only contain a port summary:
https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n1494

Clients check the port, and assume that the DNS name will resolve to an IPv4
address allowed by the exit.

T
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev