On 15 Jun 2018, at 02:22, nusenu nusenu-lists@riseup.net wrote:
Hi,
I haven't been able to answer this question by looking into the Tor Browser design document, maybe you have an answer:
imagine you have two tabs in Tor Browser:
1: torproject.org (circuit A) embeds some youtube.com content
2: google.com (circuit B) embeds some youtube.com content
it will route the TCP connection via two distinct circuits (A and B) as described in the design document [1]
Will DNS resolution be isolated using the same logic?
Tor Browser does not perform DNS resolution.
Instead, Tor Browser uses SOCKS to send DNS names directly to Tor as part of the SOCKS TCP connection request.
Tor sends the DNS name to the exit as part of the stream request.
The exit resolves the DNS name, then opens the TCP connection to the exit.
So DNS and TCP connections have exactly the same isolation, because there is no separate DNS resolution step in the browser or on the Tor client.
T