[tor-dev] [RFC] control-spec: Specify add/remove/view client auth commands (client-side).

Mark Smith mcs at pearlcrescent.com
Mon May 6 16:04:08 UTC 2019

On 5/6/19 11:19 AM, George Kadianakis wrote:
> Hello list,
> here is a control spec patch for adding v3 client auth commands to
> add/remove/view clients from the client-side (so Tor Browser -> Tor):
>                 https://github.com/torproject/torspec/pull/81/commits/3a26880e80617210b4729f96664ef9f0345b0b7c
> I'm currently unhappy with the naming of those commands, and in general
> with how easy it is to confuse them with the (non-existent) service-side
> commands. I'm wondering how to name them better so that when we add the
> respective service-side commands (at some point we should) there is no
> confusion.
> Let me know what you think!

Thanks for working on this.  I have a couple of comments:

1. How does Permanent get set?  Should there by an option added to
ADD_ONION_CLIENT_AUTH to let the client say "store this on disk"?

2. For VIEW_ONION_CLIENT_AUTH it would be nice if the HSAddress
parameter was optional.  We may want to build an interface that allows
users to see all of their keys and choose which ones to remove, etc.

Mark Smith
Pearl Crescent

More information about the tor-dev mailing list