[tor-dev] Proposal: Single onion services

[John Brooks]

Yawning Angel <yawning at schwanenlied.me> wrote:

> I have two objections to this, one political, one technical:
> 
> * (The political objection) While this is "cool" and probably(?)
>   "funded", it seems like a poor thing to work on in terms of
>   developmental priority when there are other things Hidden Service
>   related that need a lot of developer attention, primarily in making
>   the existing HSes more resilient against Nation State level
>   adversaries (Eg: Prop. 224).

I agree that 224 and improvements to “double onion services” are much more
important.

On the other hand, the goal of single onion services is to encourage more
use of onion services in general, especially by large scale normal-web
services. Bringing those new services and the extra attention can hopefully
help improve the perception of the onion services in general, and possibly
help with funding them.

> * (The technical objection) It is overly easy for assholes[0] to censor
>   Single Onion Services due to:
> 
>     it’s possible for the previous relay to guess the service you’re
>     connecting to
> 
>   While such a censor would only be able to deny service to clients as
>   a fraction of their relay(s) consensus weight, it's still something
>   that probably should get consideration.

Yes, we should address this. Is retrying through a new circuit after circuit
failures sufficient, or do we need something more sophisticated?

As a countermeasure, a single onion service can choose to also act as a tor
relay. In that case, the censor relay should not be able to easily
distinguish between relay traffic and the single onion traffic.

- special