Talks of hidden services and DNS

H D Moore torspam at metasploit.com
Mon Mar 12 02:17:01 UTC 2007


The tricky part will be deciding who is authoritative for the DNS records. 
If any user can submit a name, what if it's already taken? Does it 
overwrite, or is it first-come, first-served? If it's distributed, then a 
rogue operator could serve false responses for a target name. If this is 
something that the Tor "core" would operate, it still needs some form of 
authentication to manage/update/remove/etc., and authentication seems 
to be the exact opposite of what Tor is supposed to provide.

-HD

On Sunday 11 March 2007 21:10, Kasimir Gabert wrote:
> I do not see any major security holes that this would bring up.  It
> seems to me like it would be the same as accessing google.com through
> Tor -- the DNS is looked up through Tor and so it would not be
> overridden by a malicious ISP or country.


