[tor-onions] Use onion-like domains for a regular websites and DynDNS

Tue Aug 2 08:19:09 UTC 2022

What does it means

On Thursday, 28 July 2022, Kevin Kandlbinder via tor-onions <
tor-onions at lists.torproject.org> wrote:

> Hey Sergey,
>
> I think your Idea is really interesting, however I do have a small comment.
>
> You create the hidden service on the Yurt installation (ex.
> yurtc329rc231[...].onion) and the corresponding DynDNS entry (ex.
> yurtc329rc231[...].jkl.mn). Now what if the user does not have
> Port-Forwarding set up? This would result in the DynDNS entry pointing to
> the public IP of the user to not work, whilst the .onion service does work,
> as Tor does not care much about NAT. This may make for a confusing user
> experience - especially since you want to be the NextCloud for
> inexperienced users. Do you intend on doing something about that? A
> possible solution would be to have the DynDNS server test connectivity, and
> if no connectivity is found the .jkl.mn domain points to some kind of
> clearnet->tor reverse-proxy. This way the data would simply be routed over
> Tor if the port forward is faulty.
>
> I do however have to say: The Idea is great and definitely possible. Also
> I think this is a very important project for the future of easy
> self-hosting, as other FOSS-projects may benefit from using and adapting
> the code you write for Yurt-DynDNS! I'll definitely need to follow this
> project.
>
> Have a nice day,
> * Kevin Kandlbinder*
> <*kevin at kevink.dev <kevin at kevink.dev>*>
>
> Am 29.06.2022 um 20:35 schrieb Sergey Ponomarev:
>
> Hello the Tor Community,
>
> I have a proposition to build a DynDNS server that will host
> onion-like addresses for regular websites. And I'll appreciate any
> feedback, opinions and thoughts on this.
>
> I am working on a YurtPage which is a small home page server and kind
> of light version of NextCloud for inexperienced users.
> Some users already have an IP static or dynamic so their site can be
> directly accessed from the Internet.
> But still they need a domain to be independent from IP changes.
> Unfortunately domains are controlled by the DNS mafia and they cost
> money.
> The NameCoin's .bit domains are cool but they cost money too.
>
> So for users I'll implement a Dynamic DNS (DynDNS) so that they'll
> automatically receive a subdomain of mine's jkl.mn site likeSomeonesYurt.jkl.mn
> And the user's homepage will send ping to jkl.mn so it can detect the
> public IP and update a DNS record.
>
> The problem is that I don't want to have a responsibility to host the
> DynDNS service. I may forget to renew its domain or hosting, or its
> server dies or I may die.
> And I decided to generate an onion-like address so they'll look likehttp://jklmnyiyjnwfc6aklubg45o4hbkvz5uu47hcwjinbihi4shcucq5aiid.jkl.mn/
>
> I see a few advantages:
> * In case the jkl.mn disappears users may install a Tor Onion Service
> and visitors can still open the site by replacing jkl.mn to .onion in
> links. I'm going to install the Tor Service by default.
> * I don't need to store a database: a homepage may just sign its
> request with a private key and the DynDNS can check it and update a
> DNS record.
> * Yes, the address is not possible to remember but anyone can save a
> bookmark or use google to find it. Instead I'll not have
> cybersquatters who took all the good domains. Anyone can buy a domain
> and use CNAME if they wish.
>
> What do you think about this idea? Will it work?
> I created a project to develop ithttps://github.com/yurt-page/dyndns-onion but decided to consult with
> you first.
>
> To go further I think that the remaining problems may also be solved easily.
>
> Volontiers may start their own DynDNS servers and exchange the records
> with each other.
> The homepage sends a Ticket to any DynDNS server. The Ticket is just
> an encrypted IP and timestamp and anybody can decrypt it with the
> public key from the domain. The ticket with last time is considered as
> actual and every DynDNS server may return its IP.
> Here may be used other technologies like DHT for a quicker lookup and
> to be independent if the jkl.mn domain disappears.
> Similarly to a .bit TLD we may have .dyn that are free to anyone. But
> unlike .onion domains the .dyn domains are not anonymous and lookups
> are not blocked on DNS level and can be answered by any.
>
> I'm not an expert in DNS and TOR so please tell me if the idea is
> worth implementing.
>
> Regards,
> Sergey Ponomarev stokito.com
> _______________________________________________
> tor-onions mailing listtor-onions at lists.torproject.orghttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-onions/attachments/20220802/71f59514/attachment.htm>