[tor-bugs] #9022 [Pluggable transport]: Create an XMPP pluggable transport

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jun 20 22:32:26 UTC 2013


#9022: Create an XMPP pluggable transport
---------------------------------+------------------------------------------
 Reporter:  asn                  |          Owner:  feynman 
     Type:  task                 |         Status:  accepted
 Priority:  normal               |      Milestone:          
Component:  Pluggable transport  |        Version:          
 Keywords:                       |         Parent:          
   Points:                       |   Actualpoints:          
---------------------------------+------------------------------------------

Comment(by feynman):

 Replying to [comment:45 xnyhps]:
 > Replying to [comment:44 feynman]:
 > > JIDs are often given random strings for their so called "resources"
 (or if a resource is requested, a random string is often appended to it).
 >
 > (I just want to point out that this is pretty uncommon for XMPP servers
 except GTalk. Most normal XMPP servers just give you the resource you
 request.)
 >
 > > To send an IQ, one must know the recipient's resource. This is great
 for security, but bad for this particular application. To get around this,
 I use a message (which can be sent without a resource) to send a
 connection request to a JID with an unknown resource. When the recipient
 responds, thus disclosing their resource, their full JID (including the
 resource) is added to a table that keeps track of JIDs and resources.
 > >
 > > The problem is if one of the computers disconnects and reconnects,
 they acquire a new resource and there is no way (currently) for the other
 computer to update its table.
 > >
 > > Another problem is that messages that have no resource specified can
 only be sent to people on your contact list.
 >
 > This also sounds like a limitation set by GTalk.
 >
 > Why do you want to avoid needing to have someone on your contact list to
 use this? If you want to properly exchange messages/iqs with someone, it
 helps to be able to know on which resources they are online. This should
 also make it much easier to automatically handle the case where the other
 side disconnected and reconnected on a different resource.
 >
 > If you're worried about privacy... I don't really see why you would
 authorize someone to use your connection as a proxy to the internet when
 you don't want them to know when you're online. It sounds fair to inform
 them when you're available to proxy a connection for you.

 My main concern is not really for the sake of the user so much as for the
 person running the proxy service. I figured that people who run proxy
 services are not going to want to constantly log in to their chat accounts
 and accept strangers' requests to be added to their contact list. I do not
 think that would be a very scalable approach.

 I imagined that this would work in a more automated fashion like other Tor
 plugins. Take for example, obfsproxy. You do not need to give someone
 permission to connect to your IP address for obfsproxy to work. The user
 simply plugs in the ip:port to Tor, and Tor connects. I think having to
 ask people to add you to their contact lists would discourage users from
 trying the software, and discourage people that manage proxies from
 running the service. It is just too much maintenance.

 In case there was any doubt, I want to assert that I think that using your
 usual chat accounts to run proxy services is a bad idea. Your chat
 accounts are not only a piece of identifying information, they are an easy
 form of contact information--especially if you are using an email (like in
 the case of GTalk). That just sounds like a bad idea from the start.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9022#comment:46>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
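
The JID/resource table discussed in this comment, as an added example that is not part of the original post or the transport's own code: it learns a peer's full JID from the "from" address of any incoming stanza, replaces a stale resource after a reconnect, and forgets a peer on unavailable presence. The names split_jid, ResourceTable, observe and address_for are hypothetical, and the JIDs in the comments and test are constructed.

```python
from dataclasses import dataclass, field


def split_jid(jid):
    """Split 'local@domain/resource' into (bare_jid, resource or None)."""
    # Only the first '/' separates the resource; a resource may contain '/' or '@'.
    bare, sep, resource = jid.partition("/")
    if "@" not in bare:
        raise ValueError(f"not a user JID: {jid!r}")
    # The bare part is compared case-insensitively; the resource is case-sensitive.
    return bare.lower(), (resource if sep and resource else None)


@dataclass
class ResourceTable:
    """Maps a peer's bare JID to the full JID most recently seen for it."""
    full_jids: dict = field(default_factory=dict)

    def observe(self, from_jid, unavailable=False):
        """Update the table from the 'from' address of an incoming stanza."""
        bare, resource = split_jid(from_jid)
        if resource is None:
            return  # a bare 'from' tells us nothing about resources
        full = f"{bare}/{resource}"
        if unavailable:
            # Forget the peer only if the resource that left is the one tracked,
            # so a late 'unavailable' for an old session does not drop a new one.
            if self.full_jids.get(bare) == full:
                del self.full_jids[bare]
        else:
            # A reconnect shows up as a new resource and replaces the stale one.
            self.full_jids[bare] = full

    def address_for(self, peer, stanza):
        """Return the 'to' address for a stanza of kind 'iq' or 'message'."""
        bare, _ = split_jid(peer)
        full = self.full_jids.get(bare)
        if full is not None:
            return full
        if stanza == "message":
            return bare  # connection request to a JID with an unknown resource
        raise LookupError(f"no known resource for {bare}; send a message first")
```
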

