[tor-dev] DNSSEC

Lunar lunar at torproject.org
Tue Sep 2 02:04:15 UTC 2014


merc1984 at f-m.fm:
> On Mon, Sep 1, 2014, at 11:54, Mike Cardwell wrote:
> > The exit nodes do the DNS requests. The client doesn't see an IP address.
> > It connects to the Tor SOCKS interface and says, "connect me to hostname
> > example.com on port N". It doesn't look up the IP address of
> > "example.com"
> > and *then* connect to it. Hidden services don't have IP addresses and
> > DNS resolution isn't involved in routing connections to them.
> 
> So when I request to connect to example.com, that request goes all the
> way to the exit node, which then is supposed to do the DNS lookup? 
> Again, this is impossible, as .onion domains would be bypassed. 

This is the development mailing list for Tor. Please refrain from
posting more questions until you have a better understanding of the way
Tor works:
https://www.torproject.org/docs/documentation.html.en#UpToSpeed

Everything you want to know about Tor design is available:
https://gitweb.torproject.org/torspec.git

-- 
Lunar                                             <lunar at torproject.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140902/d888870a/attachment.sig>


More information about the tor-dev mailing list