[tor-project] I figured out v3 onion client auth and wrote a blog post

David Goulet dgoulet at torproject.org
Mon Jan 21 17:55:53 UTC 2019

On 21 Jan (09:30:47), Matt Traudt wrote:
> See it here:
> https://matt.traudt.xyz/p/FgbdRTFr.html or
> http://mattttttssi4lhud.onion/p/FgbdRTFr.html or
> http://zfob4nth675763zthpij33iq4pz5q4qthr3gydih4qbdiwtypr2e3bqd.onion/p/FgbdRTFr.html

Thanks for this! I won't repeat what George said but that is that ;).

We have yet to create a "tor-genkey" that would be shipped with "tor" and able
to generate the keys so for now your python script is great!

There is also a bash + openssl one that mtigas created, I put it here:


Kind of practical imo since "openssl" cli is basically everywhere.

> While doing so I opened two tickets:
> Document the max number of v3 client auths I can make
> https://trac.torproject.org/projects/tor/ticket/29134
> Failing to connect to a v3 onion service with client auth produces
> really long lines in log
> https://trac.torproject.org/projects/tor/ticket/29135

Yes! That was actually supposed to be fixed but there is still the full
descriptor being dumped... Thanks for the ticket!

> Sometimes it seems like advanced features aren't documented very well,
> so I thought I'd write down what I figured out. I encourage Tor to use
> this in whatever way makes sense.
> Matt
> _______________________________________________
> tor-project mailing list
> tor-project at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20190121/53dbaeb2/attachment.sig>

More information about the tor-project mailing list