[tor-dev] Proposal 204: Subdomain support for Hidden Service addresses

Nick Mathewson nickm at alum.mit.edu
Wed Jul 11 15:09:15 UTC 2012

On Tue, Jul 10, 2012 at 7:24 AM, Karsten Loesing <karsten at torproject.org> wrote:
> On 7/7/12 7:06 PM, Nick Mathewson wrote:
>> The only part I'm worried about here is that we had once considered
>> doing authenticated hidden services or some other kind of wacky hidden
>> service with a design like "bbbbbbbbb.aaaaaaaaaaaaaaa.onion", where
>> bbbbbbbbb is some additional data to use in the protocol.
>> Still, we can still do the above proposal and save room to extend the
>> .onion address scheme: just reserve *.x.onion for all x of length
>> other than 16.
> From proposal 121, written in December 2007:
> "Currently, rend-spec contains the proposition to encode client-side
> authorization data in the URL, like in x.y.z.onion. This was never used
> and is also a bad idea, because in case of HTTP the requested URL may be
> contained in the Host and Referer fields."
> Current rend-spec.txt doesn't mention anything like *.*.onion anymore.
> The way how additional data is provided is by using torrc options, not
> as part of the URL.

Then I see no reason not to accept this proposal.  Does anyone else?


More information about the tor-dev mailing list