Talks of hidden services and DNS
Kasimir Gabert
kasimir.g at gmail.com
Mon Mar 12 02:10:40 UTC 2007
Hello,
This definitely sounds like it will work, and I cannot see it really
taking any extra or special coding. I think it would work "out of the
box". The DNS would work both in and out of Tor. It would be running
outside of Tor, so users not using Tor would get back the CNAME
pointing to 1234abcd.onion and realize that they need Tor to use
.hidden. domains (or .hidden.int.). It really seems to me like it
should all work well and integrate smoothly into the current system.
Then again, I am very new to Tor, so I could be overseeing something.
I do not see any major security holes that this would bring up. It
seems to me like it would be the same as accessing google.com through
Tor -- the DNS is looked up through Tor and so it would not be
overridden by a malicious ISP or country.
Kasimir
On 3/11/07, Michael_google gmail_Gersten <keybounce at gmail.com> wrote:
> Cnames to convert something like .hidden to .onion is a decent idea.
> If nothing else, when people start clicking on links, and getting
> "unresolvable"/"No such host", that might give more exposure to tor to
> other people.
>
> We could set up a DNS system entirely within Tor. Just have cnames
> from host.hidden.onion to somelongkey.onion, and it is never seen by
> the rest of the DNS world. The mappings would be registered with the
> directory servers, who would track known, registered mappings from
> host.hidden.onion to key.onion, and key.onion's would be registered as
> they currently are.
>
> We could even do a combo. Get a special TLD now, or add to an existing
> special, like .int. (approval time? About a week). Start putting in
> names, registrar being the Tor central directory servers. In about 3
> months time, when the code is written and tested, move to Tor served
> names.
>
--
Kasimir Gabert
More information about the tor-talk
mailing list