commit 1e42e693794fc79bf4c51483338447f69ea5c4e1
Author: Sebastian Hahn sebastian@torproject.org
Date: Wed Feb 11 06:06:15 2015 +0100

    yuck trailing spaces

---
 docs/en/hidden-services.wml | 40 ++++++++++++++++++++--------------------
 1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/docs/en/hidden-services.wml b/docs/en/hidden-services.wml index f7fceff..1b4125b 100644 --- a/docs/en/hidden-services.wml +++ b/docs/en/hidden-services.wml @@ -9,10 +9,10 @@ <a href="<page docs/documentation>">Documentation » </a> <a href="<page docs/hidden-services>">Hidden Services</a> </div> - <div id="maincol"> + <div id="maincol"> <h2>Tor: Hidden Service Protocol</h2> <hr> - + <p> Tor makes it possible for users to hide their locations while offering various kinds of services, such as web publishing or an instant @@ -23,7 +23,7 @@ href="<page docs/tor-hidden-service>">configuring hidden services</a> page. </p> - + <p> A hidden service needs to advertise its existence in the Tor network before clients will be able to contact it. Therefore, the service randomly picks @@ -36,11 +36,11 @@ service's identity (public key), we don't want them to learn about the hidden server's location (IP address). </p> - + <img alt="Tor hidden service step one" src="$(IMGROOT)/THS-1.png"> # maybe add a speech bubble containing "PK" to Bob, because that's what # Bob tells to his introduction points - + <p> Step two: the hidden service assembles a <em>hidden service descriptor</em>, containing its public key and a summary of each @@ -50,7 +50,7 @@ name derived from the service's public key. After this step, the hidden service is set up. </p> - + <p> Although it might seem impractical to use an automatically-generated service name, it serves an important goal: Everyone – including @@ -62,12 +62,12 @@ href="http://www.skyhunter.com/marcs/petnames/IntroPetNames.html%22%3EPetname</a> design for hidden service names? </p> - + <img alt="Tor hidden service step two" src="$(IMGROOT)/THS-2.png"> # maybe replace "database" with "DHT"; further: how incorrect # is it to *not* add DB to the Tor cloud, now that begin dir cells are in # use? - + <p> Step three: A client that wants to contact a hidden service needs to learn about its onion address first. After that, the client can 
@@ -80,11 +80,11 @@ randomly picked relay and asks it to act as <em>rendezvous point</em> by telling it a one-time secret. </p> - + <img alt="Tor hidden service step three" src="$(IMGROOT)/THS-3.png"> # maybe add "cookie" to speech bubble, separated from the surrounded # "IP1-3" and "PK" - + <p> Step four: When the descriptor is present and the rendezvous point is ready, the client assembles an <em>introduce</em> message @@ -95,16 +95,16 @@ via a Tor circuit: nobody can relate sending the introduce message to the client's IP address, so the client remains anonymous. </p> - + <img alt="Tor hidden service step four" src="$(IMGROOT)/THS-4.png"> - + <p> Step five: The hidden service decrypts the client's introduce message and finds the address of the rendezvous point and the one-time secret in it. The service creates a circuit to the rendezvous point and sends the one-time secret to it in a rendezvous message. </p> - + <p> At this point it is of special importance that the hidden service sticks to the same set of <a @@ -117,10 +117,10 @@ <a href="http://freehaven.net/anonbib/#hs-attack06">Locating Hidden Servers</a>. </p> - + <img alt="Tor hidden service step five" src="$(IMGROOT)/THS-5.png"> # it should say "Bob connects to Alice's ..." - + <p> In the last step, the rendezvous point notifies the client about successful connection establishment. After that, both client and hidden service can 
@@ -128,23 +128,23 @@ other. The rendezvous point simply relays (end-to-end encrypted) messages from client to service and vice versa. </p> - + <p> One of the reasons for not using the introduction circuit for actual communication is that no single relay should appear to be responsible for a given hidden service. This is why the rendezvous point never learns about the hidden service's identity. </p> - + <p> In general, the complete connection between client and hidden service consists of 6 relays: 3 of them were picked by the client with the third being the rendezvous point and the other 3 were picked by the hidden service. </p> - + <img alt="Tor hidden service step six" src="$(IMGROOT)/THS-6.png"> - + <p> There are more detailed descriptions about the hidden service protocol than this one. See the @@ -162,4 +162,4 @@ <!-- END SIDECOL --> </div> <!-- END CONTENT --> -#include <foot.wmi> +#include <foot.wmi>
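Review bot: in the hunk at @@ -62,12 +62,12 @@, the unchanged context line `href="http://www.skyhunter.com/marcs/petnames/IntroPetNames.html%22%3EPetname</a>` shows `%22%3E` (a percent-encoded `">`) inside the URL, so as displayed here the attribute never closes and the link text is part of the address. If the file really contains this, rather than it being an artifact of how this page renders the patch, fix it in a separate commit so that this one stays whitespace-only.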
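Review bot: in the last hunk (@@ -162,4 +162,4 @@) the removed and added `#include <foot.wmi>` lines read identically, as do the `<div id="maincol">` pair and the blank-line pairs in the earlier hunks, so nothing visible distinguishes a trailing-space removal from any other whitespace or end-of-line change. Since the diffstat reports 20 insertions and 20 deletions, confirm that `git show -w 1e42e693794fc79bf4c51483338447f69ea5c4e1` prints no hunks, and consider running `git diff --check` before committing so trailing whitespace is caught before it lands.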