[tor-bugs] #17945 [Core Tor/Tor]: Stop single hop client connecting to (Rendezvous) Single Onion Services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 2 05:04:31 UTC 2018
#17945: Stop single hop client connecting to (Rendezvous) Single Onion Services
-------------------------------------------------+-------------------------
Reporter: teor | Owner: dgoulet
Type: enhancement | Status:
| accepted
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor2web, tor-hs, 029-proposed, 029 | Actual Points: 0.4
-teor-no, needs-design, needs-proposal-maybe, |
single-onion, review-group-33, |
034-triage-20180328, 034-removed-20180328 |
Parent ID: #24962 | Points: 5
Reviewer: asn, teor | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
Replying to [comment:58 arma]:
> Am I missing something here, or did the #24902 change, where relays by
default now try to tarpit establish-rendezvous requests that come directly
from clients, accomplish the goals of this ticket? Or were the goals
broader?
There aren't any onion service single-hop proxies any more. And no onion
service relay knows both the client and service address.
But Tor2web still gives away client IP addresses by connecting directly to
HSDirs and intro points. Maybe we want a consensus parameter to block this
insecure behaviour if it causes trouble in future?
* #22689 is for into points, which still get direct connections from
Tor2web clients, but all services and other clients always use 3-hop
connections
* #22688 is for HSDirs, which still get direct connections from Tor2web
clients, but all services and other clients always use 3-hop connections
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17945#comment:59>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list