posting hidden service descriptors
James Muir
jamuir at scs.carleton.ca
Tue Mar 20 21:13:42 UTC 2007
Roger Dingledine wrote:
> On Tue, Mar 20, 2007 at 12:37:22PM -0400, James Muir wrote:
>> I know that hidden servers must post their descriptors to the DAs
>> anonymously to avoid exposing their IP addresses. Is this done through
>> a normal (i.e. three hop) circuit?
>
> Yes.
>
>> I suspect it is not because in
>> src/or/circuitbuild.c there is a condition for creating one-hop tunnels
>> and a log message "Launching a one-hop circuit for dir tunnel."
>
> No, one-hop circuits are for begin_dir cells. See 6.2.1 in
> tor-spec.txt. They let you connect to a directory port in an encrypted
> authenticated manner, which can also be handy when your local network
> is filtering certain http requests or ports. The one-hop circuits
> are intended for cases where currently you'd just be making a direct
> connection: now you connect to the Tor server and ask to connect to
> its dirport.
Thanks for the clarification! That makes sense to me now.
-James
More information about the tor-talk
mailing list