[tor-dev] DNS resolution isolation in Tor Browser

teor teor2345 at gmail.com
Fri Jun 15 01:58:15 UTC 2018

> On 15 Jun 2018, at 09:16, nusenu <nusenu-lists at riseup.net> wrote:
> Thanks for the replies.
> Does tor simply assume (try) that the exit policy allows the destination
> address (not the port) or does it check the exit policy before selecting
> the circuit?
> (in that case it would have to know the destination IP 
> before building or at least selecting the circuit to use)

Most tor clients use microdescriptors, which only contain a port summary:

Clients check the port, and assume that the DNS name will resolve to an IPv4
address allowed by the exit.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20180615/4628e4ed/attachment.html>

More information about the tor-dev mailing list