[tor-dev] [RFC] control-spec: Specify add/remove/view client auth commands (client-side).

George Kadianakis desnacked at riseup.net
Mon May 6 17:04:51 UTC 2019

Mark Smith <mcs at pearlcrescent.com> writes:

> On 5/6/19 11:19 AM, George Kadianakis wrote:
>> Hello list,
>> here is a control spec patch for adding v3 client auth commands to
>> add/remove/view clients from the client-side (so Tor Browser -> Tor):
>>                 https://github.com/torproject/torspec/pull/81/commits/3a26880e80617210b4729f96664ef9f0345b0b7c
>> I'm currently unhappy with the naming of those commands, and in general
>> with how easy it is to confuse them with the (non-existent) service-side
>> commands. I'm wondering how to name them better so that when we add the
>> respective service-side commands (at some point we should) there is no
>> confusion.
>> Let me know what you think!
> Thanks for working on this.  I have a couple of comments:
> 1. How does Permanent get set?  Should there by an option added to
> ADD_ONION_CLIENT_AUTH to let the client say "store this on disk"?

Yes we do want that! We just thought it adds to engineering complexity and
it shouldn't get in as part of the first implementation (i.e. as an s27-must).

I will still add it to the spec, and just not implement it.

> 2. For VIEW_ONION_CLIENT_AUTH it would be nice if the HSAddress
> parameter was optional.  We may want to build an interface that allows
> users to see all of their keys and choose which ones to remove, etc.

Good point! Will do.

Will probs have a revision for this list tomorrow!

More information about the tor-dev mailing list