[tor-dev] Proposal: End-to-end encrypted onion services for non-Tor clients

Yawning Angel yawning at schwanenlied.me
Mon Sep 14 16:28:19 UTC 2015


On Mon, 14 Sep 2015 16:12:23 +0000
Donncha O'Cearbhaill <donncha at donncha.is> wrote:
> I have been thinking about ideas to make Tor hidden services more
> available and secure for non-Tor users. Inline I've included a draft
> proposal which describes an end-to-end encrypted Tor2Web-like system. 
> 
> I'm really interested in hearing any suggestions, comments or
> criticism about this proposal. In particular I'd like to know if the
> trust requirements for the entry proxies and resolvers seem
> reasonable? Does this proposal make sense and is it something worth
> implementing?

I don't understand the use case for this, given the design presented.

If the HS operator is willing to register a domain, run a public name
server, and pay for a CA cert, why host the actual content on a Tor
HS?

It should be emphasized that the user has absolutely zero anonymity
under this scheme, in that anyone tapping the link between the user
and the proxy can see what domain the user is trying to view.  Anyone
with the capability to inject RSTs can censor on a per-site basis as
well.

Regards,

-- 
Yawning Angel