In order to have an effective system of blinded identities, you need to have an out of band channel to transmit 128-256 bits from the server to the client. This is essential for blinding the in-band adversary to the long term shared identity between the client and server. A naming system will move that blinding data back into the in-band channel.
There needs to be better tools for working with 128-256 bits of data.
We have bookmarks, QR codes, and word lists etc but there is tons of room for improvement.
It seems impossible to strongly blind an in band adversary while moving fewer bits through the address channel.
On Sun, Jul 31, 2016 at 8:03 AM Razvan Dragomirescu < razvan.dragomirescu@veri.fi> wrote:
I agree with this, I don't really see the point of making .onion names easy to remember. If it's a service you access often, you can bookmark it or alias it locally to something like "myserver.onion" (maybe we should make it easier for users to do just that - an alias file for .onion lookups, allowing them to register myserver.onion and point it to asdlataoireaoiasdasd.onion or whatever).
If it's a link on a Wiki or in a search engine, you just click on it, you don't care what the name is. The only time you'd have to remember an actual .onion address is if you heard it on the radio or saw a banner on the side of the street while driving and had to memorize it in a few seconds. Or maybe if you have to read the address _over the phone_ to a friend (as opposed to mailing him the link).
What is the exact use case of this? I'm not saying it's useless, I just don't see the point, maybe I'm missing something.
Razvan
-- Razvan Dragomirescu Chief Technology Officer Cayenne Graphics SRL
On Sat, Jul 30, 2016 at 9:44 PM, Lunar lunar@torproject.org wrote:
George Kadianakis:
this is an experimental mail meant to address legitimate usability
concerns
with the size of onion addresses after proposal 224 gets implemented.
It's
meant for discussion and it's far from a full blown proposal.
Taking a step back here, I believe the size of the address to be a really minor usability problem. IPv6 adressses are 128 bits long, and plenty of people in this world now access content via IPv6. It's not a usability problem because they use a naming—as opposed to addressing—scheme to learn about the appropriate IPv6 address.
While I do think we should think of nicer representation for the new addresses than base32, and we should adress that, working on a naming system sounds like an easier way out to improve onion services usability than asking people to remember random addresses (be them 16 or 52 characters-long).
(I now plenty of people who type “riseup” in the Google search bar of their browser to access their mailbox… They don't even want to/can't remember an URL. Hardly a chance they will remember an onion address, whatever its size.)
Maybe it would be worthwhile to ask the UX team for input on the topic?
-- Lunar lunar@torproject.org
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev