[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Ops request: Deploy OpenVPN terminators

To: "tor-relays@xxxxxxxxxxxxxxxxxxxx" <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] Ops request: Deploy OpenVPN terminators
From: Bogglesnatch Candycrush <bogglesnatch@xxxxxxxxx>
Date: Mon, 16 Jun 2014 09:59:55 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 16 Jun 2014 13:03:01 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1402937995; bh=6qzV3CsQrofp5nSBNfExPa6dJzsapkqEyK44gQH36yw=; h=References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=D2eAZibWr4a8Q+8yqOuVVCpJvju0L1T6DnGXCbFFqjVA4qdiWTo5Wlrkai9rbe3OSGSMKyaev7QETxGhaN625aG5sf2cGZV+U+Hda7nnyCMOmIJUAZ5Ts3SO2yTE58Vh0MK+LiyhWrJeMMucUHpi9N6OvzwMyGwsTAGeJHs7/70=
In-reply-to: <CAD2Ti28AZgzDPz2Zn=ajc0oVqD1yLr5yw86fgJO_iiZK66kZ7A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <CAD2Ti28NaBtU4b8mMVLVcYvBMACyLwt1tEvOj8F9Z3rgEJcm8g@xxxxxxxxxxxxxx> <20140514004021.GK10586@xxxxxxxxxxxxx> <CAD2Ti28Ekcqoh_Dw42Vci4Qdgk6hX-PMtVnYYj6or6szern-NQ@xxxxxxxxxxxxxx> <537342B8.5040501@xxxxxxxxx> <CAD2Ti2_7+WZ89J3yG=3z+jh=F3xFaM6cnaJP7KSVAH+aEYEHhQ@xxxxxxxxxxxxxx> <5374C2E8.6090703@xxxxxxxxx> <CAD2Ti28AZgzDPz2Zn=ajc0oVqD1yLr5yw86fgJO_iiZK66kZ7A@xxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Monday, June 16, 2014 2:29 AM, grarpamp <grarpamp@xxxxxxxxx> wrote:

> No, it does not break any anonymity. And it doesn't matter what
> OpvenVPN sends because it all happens over the users already secured
> Tor circuit '--'. You just don't understand the model. Here it is
> again. '<>' is a single computer, there are two computers pictured.
> Packets travel through the listed processes and computers from left
> to right. '++' is the usual clearnet beyond the exit box.

> A)
> <user - ovpncli - torcli> -- <tor_exit_relay_or_ip - ovpn_term_ip> ++ world

It seems to me in this case the OpenVPN endpoint would know who the user is, based on their OpenVPN client certificate or shared secret. Even absent those, they might be able to do packet fingerprinting, since the packets won't be scrubbed.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Ops request: Deploy OpenVPN terminators
  - From: grarpamp

References:
- Re: [tor-relays] Ops request: Deploy OpenVPN terminators
  - From: grarpamp

Prev by Author: Re: [tor-relays] Need help to get TorDNSEL compiled
Next by Author: Re: [tor-relays] Shutting down middle relays (off-topic)
Previous by thread: Re: [tor-relays] Ops request: Deploy OpenVPN terminators
Next by thread: Re: [tor-relays] Ops request: Deploy OpenVPN terminators
Index(es):
- Author
- Thread