<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On 6 March 2018 at 16:55, Michael Jonker <span dir="ltr"><<a href="mailto:michael@openpoint.ie" target="_blank">michael@openpoint.ie</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I have connected to my hidden service with RFC 6455 web-socket and feel like a kid in a candy store streaming API requests and return data back and forth at good, reliable speeds. </blockquote><div><br></div><div>Yay! Good to hear news of new successes. I found websockets a bit messy to approve (it seemed that one of the TBB security plugins got in the way?) but once they were approved, it was fine.</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">My concern is that I am missing something here.....<br>
<br>
My mental model is that, once the connection and http upgrade request is established, TOR sees this as a long running http request and will will not close the circuit or change the route until the either side breaks the connection.<br></blockquote><div><br></div><div>That is my understanding, too.</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I would appreciate if someone could comment:<br>
<br>
1) Am I correct in my mental model?<br></blockquote><div><br></div><div>I have the same model.</div><div><br></div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
2) Am I perpetrating a security anti-pattern by holding the connection open indeterminately?<br></blockquote><div><br></div><div>I would say 'no', but then you have not stated a threat-model yet. What are you trying to achieve, and what are the capabilities of your threat actors?</div><div><br></div><div> -a</div><div><br></div><div> </div></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><a href="http://dropsafe.crypticide.com/aboutalecm" target="_blank">http://dropsafe.crypticide.com/aboutalecm</a><br></div>
</div></div>