commit 6937de0311b895b90c9404a6a62758ddd9ca572a Author: Nick Mathewson nickm@torproject.org Date: Fri Nov 9 21:52:00 2012 -0500
tweak a little more --- todo | 9 ++++----- tor-design-2012.tex | 4 +++- 2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/todo b/todo index 6ddbcb3..66f3207 100644 --- a/todo +++ b/todo @@ -13,7 +13,7 @@ ITEMS: o Node discovery and the directory protocol o Security improvements to hidden services o DHT - - Improved authorization model for hidden services + o Improved authorization model for hidden services o Faster first-hop circuit establishment with CREATE_FAST o Cell queueing and scheduling. * Integrate content from the second blog post [steven] @@ -34,14 +34,13 @@ ITEMS: * Revise related work [steven]
* Revise design goals and assumptions [steven] - * Revise tor-design up to "opening and closing streams" [nick] ** + o Revise tor-design up to "opening and closing streams" [nick] * Revise tor-design "opening and closing streams" onward [steven] - * Revise hidden services section [nick] - . somewhat done? DHT and autho + o Revise hidden services section [nick]
* Revise "other design decisions" [nick] * Revise "attacks and defenses" [steven] - * Replace "early experiences: Tor in the wild" [???? Nick?] + * Replace "early experiences: Tor in the wild" [???? Nick? Can Roger?]
* Revise "open questions in low-latency anonymity" and "future directions" [steven] diff --git a/tor-design-2012.tex b/tor-design-2012.tex index e09a95d..4e02485 100644 --- a/tor-design-2012.tex +++ b/tor-design-2012.tex @@ -1279,7 +1279,9 @@ by publishing the hidden service descriptor (containing introduction point's addresses) to the ORs whose identity keys are closest to a hash of the location-hidden service's identity key, the current date, and a replica number. Optionally, the -hidden service descriptor can be encrypted under a key shared +portion of the +hidden service descriptor describing the introduction points +can be encrypted under a key shared with authorized users of the hidden service. Therefore not only can unauthorized users not connect to the hidden service or its introduction points (the descriptor contains an authentication