[tor-bugs] #31857 [Core Tor]: Consider adopting vanguard's security suggestions for onionbalance
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 25 17:17:15 UTC 2019
#31857: Consider adopting vanguard's security suggestions for onionbalance
-------------------------------------------------+-------------------------
Reporter: asn | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs scaling onionbalance | Actual Points:
network-team-roadmap-september tor-spec |
Parent ID: #26768 | Points:
Reviewer: | Sponsor:
| Sponsor27-can
-------------------------------------------------+-------------------------
Comment (by mikeperry):
In particular, the most important is property that it should be possible
for an onion service to use onionbalance without giving away how many
back-end onionbalance instances there are.
Second to that, and ideally, it would be best if it is possible for a
service to use onionbalance v3 without it being obvious to clients that
the service is using onion balance at all. So the HSv3 descriptor
structure should be the same formatting for onionbalamce case as for the
vanilla HSv3 case, and not have different orderings, different numbers of
IPs, or recognizable signing oddities.
I'm not sure if this is even feasible with whatever cryptographic tricks
we're doing to support v3 (I wish I paid more attention when we were
brainstorming among options :/), but maybe there is still a way?
After that, the actual vanguards integration and juggling of the state
file is just a nice-to-have.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31857#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list