[tor-dev] Proposal 204: Subdomain support for Hidden Service addresses

Karsten Loesing karsten at torproject.org
Tue Jul 10 11:24:57 UTC 2012

On 7/7/12 7:06 PM, Nick Mathewson wrote:
> The only part I'm worried about here is that we had once considered
> doing authenticated hidden services or some other kind of wacky hidden
> service with a design like "bbbbbbbbb.aaaaaaaaaaaaaaa.onion", where
> bbbbbbbbb is some additional data to use in the protocol.
> Still, we can still do the above proposal and save room to extend the
> .onion address scheme: just reserve *.x.onion for all x of length
> other than 16.

>From proposal 121, written in December 2007:

"Currently, rend-spec contains the proposition to encode client-side
authorization data in the URL, like in x.y.z.onion. This was never used
and is also a bad idea, because in case of HTTP the requested URL may be
contained in the Host and Referer fields."

Current rend-spec.txt doesn't mention anything like *.*.onion anymore.
The way how additional data is provided is by using torrc options, not
as part of the URL.


More information about the tor-dev mailing list