[tor-bugs] #17945 [Core Tor/Tor]: Stop Tor2Web connecting to (Rendezvous) Single Onion Services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 11 01:01:29 UTC 2016
#17945: Stop Tor2Web connecting to (Rendezvous) Single Onion Services
-------------------------------------------------+-------------------------
Reporter: teor | Owner: teor
Type: enhancement | Status:
Priority: Medium | needs_information
Component: Core Tor/Tor | Milestone: Tor:
Severity: Normal | 0.2.???
Keywords: rsos, sos, tor2web, tor-hs, | Version:
029-proposed, 029-nickm-unsure, 029-teor-no, | Resolution:
needs-design, needs-proposal-maybe | Actual Points:
Parent ID: | Points: 5
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
Split off #19662 and #19663 so that Tor2web and Single Onions build 3-hop
paths on failure.
Split off #19642 so that Single Onions tell Tor2web to use a 3-hop path to
the intro and rendezvous.
So the work remaining in this ticket is:
* Relays should avoid being the only relay in a circuit between Tor2web
and a Single Onion Service - so it isn't in a position to de-anonymise
both client and service (this discourages attacks)
* intro points and rend points should require one or both sides of the
connection to be in the consensus
I think it's ok for the intro and rend points to just use the consensus
they have right now, even if it's a bit outdated. It's unlikely that both
sides of a client to HS connection will be new in the consensus.
Occasionally there will be a false positive on Tor2web to HS or client to
Single Onion connections (but the retry will fix that).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17945#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list