Srry forgot to add . My idea is to create a Voip client optimised for TOR , to build a voip client with tor in mind and not getting a client to work with tor.<br><br><div class="gmail_quote">On Thu, Dec 23, 2010 at 8:00 PM, hhhh xhdhx <span dir="ltr"><<a href="mailto:johncalisano@gmail.com">johncalisano@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">My plan goes like this .<br><br>1.) Build a barebones SIP client based on SofiaSip.<br>2.) Support only codec2 ( audio codec )<br>
3.) No encryption is implemented by the SIP client ( like ZRTP etc ) as the hidden service takes care of that.<br>
4.) Each SIP client will be a hidden service , using authentication similar to torchat , as it is the most natural way . <br>5.) Hopefully with codec2 , it can be sent through Tcp , the idea is to keep the network traffic as low as possible .<br>
<br>Comments & Brickbats pls .<div><div></div><div class="h5"><br><br><div class="gmail_quote">On Tue, Dec 21, 2010 at 11:43 PM, hhhh xhdhx <span dir="ltr"><<a href="mailto:johncalisano@gmail.com" target="_blank">johncalisano@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<br><br><div class="gmail_quote"><div><div></div><div>On Tue, Dec 21, 2010 at 3:58 AM, grarpamp <span dir="ltr"><<a href="mailto:grarpamp@gmail.com" target="_blank">grarpamp@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div>> From reading on OnionCat , the clients are essentially hidden services<br>
</div><div>> once a connection is made it is bidirectional.<br>
<br>
</div>No, OC is just a daemon shuffling data back and forth across a<br>
Tor HiddenServicePort. Tor provides a bidir return path to the<br>
source, which the listener (OC) can use, if it thinks it should...<br>
<div><br>
> If A initiates a connection<br>
> to B , A can be sure he/she is talking to B<br>
<br>
</div>Yes, up to the 80-bit addressing of Tor. OC translates your request<br>
for a v6 address into an onion address and puts that stream through<br>
Tor.<br>
<div><br>
> but the opposite isnt true .So<br>
> if B has to sure he/she is indeed talking to A , he/she has to initiate a<br>
</div>> connection to A [..... to query and confirm it .....].<br>
<br>
Yes. Because B's onion is seeing no onion source address. And B's<br>
OC is seeing an arbitrary v6 source address.<br>
<br>
Since most protocols require a reverse channel, it's actually B that<br>
is more at risk of sending their data off to onions unknown. Luckily,<br>
that is where B (if human and not a dolt) usually notices something<br>
is broken and quits it.<br>
<br>
And it's kind of pointless to do such spoofing because if A wanted<br>
B's return stream, it should have just asked for it. So it would just be<br>
for the lol's of A blindly convincing B (or B's computer, app, etc) to<br>
disclose something to C.<br>
<div><br>
> Which is what torchat does to authenticate both the parties<br>
> , even if OnionCat is being used the same has to be done to ensure both the<br>
> people know who they are talking to. Am I right in my observation ??<br>
<br>
</div>Yes, and as before, OC had plans to do a little OCtoOC ping pong too.<br>
If running IPSEC, etc over v6, learning or making stashes of source<br>
key-v6 associations, that might do it too, more work, same thing.<br>
<br></blockquote></div></div><div> So what intrigeri was talking abt was the torifying of voip and not necessarily a fully authenticated peer to peer commuincation where A is sure of B & B is sure of A.<br></div><div>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
OC is just another app that plugs into Tor, no different than TorChat.<br>
It just happens to present the user with a cool and immensely useful<br>
v6 address instead of a cute little chat prompt.<br>
<div><div></div><div>***********************************************************************<br>
To unsubscribe, send an e-mail to <a href="mailto:majordomo@torproject.org" target="_blank">majordomo@torproject.org</a> with<br>
unsubscribe or-talk in the body. <a href="http://archives.seul.org/or/talk/" target="_blank">http://archives.seul.org/or/talk/</a><br>
</div></div></blockquote></div></div><br>
</blockquote></div><br>
</div></div></blockquote></div><br>