[tor-dev] Special-use-TLD support

Jeff Burdges burdges at gnunet.org
Mon Sep 28 13:34:26 UTC 2015


On Sun, 2015-09-27 at 22:31 +0000, Jeremy Rand wrote:
> On 09/27/2015 05:47 PM, Jeff Burdges wrote:
> > 
> > This is the first of two torspec proposals to help Tor work with
> > Sepcial-Use TLDs, like the GNU Name system or NameCoin.  The second
> > part will be an anycast facility.   - Jeff
> 
> Hi Jeff,
> 
> Thanks for working on this; Namecoin is definitely interested in this
> effort.  I have one comment.  SPV-based Namecoin clients will, under
> some circumstances, generate network traffic to other Namecoin P2P
> nodes containing names being looked up.  To avoid linkability, stream
> isolation should be used so that different Namecoin lookups go over
> different Tor circuits if the lookups correspond to TCP streams that
> go over different Tor circuits.  (Also, the choice of Namecoin nodes
> to peer with should be different for each identity.)  Therefore, it
> seems to me that there should be a mechanism for Tor to provide
> stream
> isolation information to the naming systems that it calls, along with
> "new identity" commands.
> 
> The above issue doesn't affect full Namecoin clients, or SPV Namecoin
> clients that download the full unspent domain name set.  I don't know
> enough about the GNU Name System to know how this issue affects it,
> if
> at all.
> 
> Thoughts on this?

Yes.  I distrust running p2p applications not specifically designed for
Tor over Tor.  The GNU Name System will therefore run the DHT process
on volunteer Tor exist nodes, much like how DNS queries are handled by
exit nodes.  

Imho, Namecoin should similarly develop a Tor Namecoin shim client that
contacts special SPV Namecoin clients running on volunteer exit nodes. 
 I'm working on a second torspec proposal that adds an AnycastExit
option to simplify this. 

In the long term, there are obviously concerns about bad exit nodes,
especially if there are only like two exits supporting Namecoing or
GNS, but currently so few people use GNS or Namecoin that we can
probably ignore this. 

> Also, trivial spelling nitpick: "Namecoin" is typically spelled with 
> a lowercase "c", like "Bitcoin".

Thanks!

Jeff


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20150928/aca9b8de/attachment.sig>


More information about the tor-dev mailing list