[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal 204 and next-gen HS addresses (was: Proposal status changes the last 17 months)

To: "tor-dev@xxxxxxxxxxxxxxxxxxxx" <tor-dev@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-dev] Proposal 204 and next-gen HS addresses (was: Proposal status changes the last 17 months)
From: Zack Weinberg <zackw@xxxxxxxxx>
Date: Fri, 15 Nov 2013 10:32:21 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 15 Nov 2013 10:52:07 -0500
In-reply-to: <CAKDKvuyxg_EmkxtWP8P2=tHD+TVC-3U+TKZ-3cKwX1WSm474FQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CAKDKvuzuTbQYSbpEGXch9K3RRALoZvpFAFSEWwoBvvCaYg1-Ag@xxxxxxxxxxxxxx> <20131115124207.GD14705@loar> <CAKDKvuyxg_EmkxtWP8P2=tHD+TVC-3U+TKZ-3cKwX1WSm474FQ@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

On Fri, Nov 15, 2013 at 9:31 AM, Nick Mathewson <nickm@xxxxxxxxxxxxxx> wrote:
> Individual blogs might be at:
> technology.cmktn5wni9uinp1niixoh8gzf2oqkcwckcexwe8zutfn5uu7zbb.onion,
> lemurs.cmktn5wni9uinp1niixoh8gzf2oqkcwckcexwe8zutfn5uu7zbb.onion,
> drama.cmktn5wni9uinp1niixoh8gzf2oqkcwckcexwe8zutfn5uu7zbb.onion
>
> My thought had been that the long addresses are likely to make people
> a bit disinclined to use even longer addresses.  But I guess we'll
> see; there's no reason to actually remove the feature.

I don't think this is a reason to remove the feature altogether, but
there is a good reason not to deploy a website with user-controllable
subdomains as suggested: the browser has no way of knowing that
.cmktn5wni9uinp1niixoh8gzf2oqkcwckcexwe8zutfn5uu7zbb.onion is a
"public suffix" and will therefore allow lemurs.yada.onion to declare
that its "origin" is the entire yada.onion domain and snoop on other
sites hosted there.

zw
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Proposal status changes the last 17 months.
  - From: Nick Mathewson
- [tor-dev] Proposal 204 and next-gen HS addresses (was: Proposal status changes the last 17 months)
  - From: Lunar
- Re: [tor-dev] Proposal 204 and next-gen HS addresses (was: Proposal status changes the last 17 months)
  - From: Nick Mathewson

Prev by Author: Re: [tor-dev] torsocks-v2.0.0-rc3 NetBSD improvements
Next by Author: Re: [tor-dev] obfsproxy buffering
Previous by thread: Re: [tor-dev] Proposal 204 and next-gen HS addresses (was: Proposal status changes the last 17 months)
Next by thread: Re: [tor-dev] Proposal status changes the last 17 months.
Index(es):
- Author
- Thread