<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Thanks Tom and Alec,</p>
<p><br>
</p>
<p>I am working on a UX architecture for the Bisq Project
[<a class="moz-txt-link-freetext" href="https://bisq.network/">https://bisq.network/</a>]. This is a decentralised P2P crypto / fiat
exchange.</p>
<p><br>
</p>
<p>The threat model is two-fold:</p>
<p>1) A real-time, event-driven MVC for a GUI front-end to a remote
API over a Tor hidden service. The client owns the server (it is
their personal Bisq instance), it is not a public web service
model.</p>
<p>2) Bisq's infrastructural backbone runs as a P2P network over
the Tor network. Clients talk to each other and there are various
hidden services providing network resources. I am hoping that
websocket can improve network performance.</p>
<p><br>
</p>
<p><br>
</p>
<br>
<div class="moz-cite-prefix">On 06/03/18 17:29, Alec Muffett wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAFWeb9L-XD_=fXs08F3vfO=-Sc_zbPVDZRrTzadAComwcfq+qw@mail.gmail.com">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">On 6 March 2018 at 16:55, Michael
Jonker <span dir="ltr">&lt;<a
href="mailto:michael@openpoint.ie" target="_blank"
moz-do-not-send="true">michael@openpoint.ie</a>&gt;</span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">I have
connected to my hidden service with RFC 6455 web-socket
and feel like a kid in a candy store streaming API
requests and return data back and forth at good, reliable
speeds. </blockquote>
<div><br>
</div>
<div>Yay! Good to hear news of new successes. I found
websockets a bit messy to approve (it seemed that one of
the TBB security plugins got in the way?) but once they
were approved, it was fine.</div>
<div><br>
</div>
<div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">My
concern is that I am missing something here.....<br>
<br>
My mental model is that, once the connection and HTTP
upgrade request is established, Tor sees this as a
long-running HTTP request and will not close the circuit
or change the route until either side breaks the
connection.<br>
</blockquote>
<div><br>
</div>
<div>That is my understanding, too.</div>
<div><br>
</div>
<div> </div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">I would
appreciate if someone could comment:<br>
<br>
1) Am I correct in my mental model?<br>
</blockquote>
<div><br>
</div>
<div>I have the same model.</div>
<div><br>
</div>
<div><br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
2) Am I perpetrating a security anti-pattern by holding
the connection open indeterminately?<br>
</blockquote>
<div><br>
</div>
<div>I would say 'no', but then you have not stated a
threat-model yet. What are you trying to achieve, and
what are the capabilities of your threat actors?</div>
<div><br>
</div>
<div> -a</div>
<div><br>
</div>
<div> </div>
</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature"><a
href="http://dropsafe.crypticide.com/aboutalecm"
target="_blank" moz-do-not-send="true">http://dropsafe.crypticide.com/aboutalecm</a><br>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>