OnionCat -- An IP-Transparent TOR Hidden Service Connector
Bernhard Fischer
bf at abenteuerland.at
Thu Jun 26 07:45:34 UTC 2008
On Thursday 26 June 2008, F. Fox wrote:
> 7v5w7go9ub0o wrote:
> (snip)
>
> > This actually creates another question (not to be argumentative :-) ).
> >
> > Given that there is no exit node, would an OnionCat to OnionCat
> > connection over TOR need to be encrypted? Is it plain-text anywhere
> > along the line?
>
> (snip)
>
> No, it wouldn't need extra encryption - a hidden-service connection has
> end-to-end encryption by its very nature.
>
> However - if I understand it right - a connection over OnionCat would
> still need strong authentication for a service like VNC (say, through
> SSH), regardless of the presence of encryption.
Yes of course you do need authentication anyway!!!
Because everybody who knows the onion-id (or IPv6-derivative can also connect
to your hidden service (OnionCat) through TOR.
Bernhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20080626/1c09d502/attachment.pgp>
More information about the tor-talk
mailing list