Hi all, I'll be working this summer on a project to help scale hidden services and make them more resilient as part of Tor's Summer of Privacy [1]. I am interested in hearing from all existing hidden service operators. In particular I'd like to understand the use-cases, priorities and limitations for people who are experience the current limitations of the hidden service subsystem. There have been anecdotal reports on the Tor bug tracker that hidden services have trouble scaling to more than 100 concurrent connections [2]. Is this something that operators here have experienced? There has also been recent DoS campaigns affecting Tor hidden services which have been challenging to mitigate. In my project I hope to produce a tool which will allow a hidden service to be backed my multiple Tor instances which can be spread across multiple servers and geographical locations. I am considering some of the following features and I'd be interested to hear how useful they might be for your onion service: - Redundant hidden service hosting with no single point of failure. - Secure storage of hidden service keys away from the Tor service on smartcards or HSM's - From a security perspective, would you prefer to minimize the software running on the onion service instance servers or minimize connections to the management server which has access to the service keys? I've anyone has time to share, I'd be very interested in learning about your experiences and current challenges. I'd also be delighted to hear about any other features that may be useful to the HS community. Thank you in advanced for your consideration, I hope that my project may be useful for your onion services after the summer. Kind Regards, Donncha O'Cearbhaill [1] https://blog.torproject.org/blog/interview-tor-summer-privacy-student-donncha-ocearbhaill [2] https://trac.torproject.org/projects/tor/ticket/8902 Full Proposal: https://gist.github.com/DonnchaC/03ad5cd0b8ead0ae9e30
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk