[tor-bugs] #19923 [Core Tor/Tor]: Single Onion Services should upgrade to ntor (if they can)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Aug 16 05:34:20 UTC 2016
#19923: Single Onion Services should upgrade to ntor (if they can)
-------------------------+-------------------------------------------------
Reporter: teor | Owner:
Type: | Status: new
enhancement |
Priority: Medium | Milestone:
Component: Core | Version:
Tor/Tor | Keywords: 029-proposed, sos, rsos, tor-hs,
Severity: Normal | TorCoreTeam201608
Actual Points: | Parent ID:
Points: 1.0 | Reviewer:
Sponsor: |
-------------------------+-------------------------------------------------
Split off #17178 and #19163, depends on both.
Single Onion Services build a one-hop path to the client-provided
rendezvous point. This circuit is only secured using SSL and TAP, as the
INTRODUCE cell only contains TAP onion keys.
But in most cases, the Single Onion Service can look up the ntor onion key
for the rendezvous point in the consensus, and therefore it can upgrade to
ntor. (If it doesn't find the rendezvous point in the consensus, it simply
continues with TAP.)
My suggested solution is to replace the entire rendezvous point
extend_info with the extend_info from the consensus (if found). We should
do this for both clients and services, whether using Single Onion Services
or Tor2web or not (to avoid introducing new fingerprinting mechanisms).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19923>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list