[tor-talk] TOR issues
Hollow Quincy
hollow.quincy at gmail.com
Tue Jan 6 11:05:25 UTC 2015
[...]
>> 1) Who store the mapping Onion_URL to real IP ? How exit node know
>> where to send request ?
>
> Exit nodes aren't used for hidden services at all. Onion URLs are only
> used to refer to hidden services, which communicate entirely within the
> Tor network and don't exit. Most uses of Tor use exit nodes to reach
> public services on the ordinary Internet, instead of using onion URLs.
>
> The hidden service directory mapping is performed by the hidden service
> directory. :-)
I understand that "the hidden service directory" is "DB" in this diagram:
https://www.torproject.org/docs/hidden-services.html.en
Do you know how to get this list "manually" ? Is it exposed somewhere
publicly ? Can I download it as file ?
>> 3) How the communication is encrypted between nodes ?
>> RSA encryption is not resistant for Man In The Middle attack. (that's
>> why when I connect to new SSH server I need to add public key of the
>> server to trusted list).
>> When I use TOR my request goes to Node1 and than to Node2. How can I
>> establish save connection with Node2, when Node1 is between us ?
>
> Each Tor relay has its own public key which it declares when registering
> with the Tor directories. The Tor directories confirm that they have
> the same view of the relays on the network, and the relays' public key,
> through the consensus mechanism.
>
> That means that the Tor directories are something like certificate
> authorities or PKI for the regular Tor relays. You have to trust the
> consensus of the directories to give you the correct public keys for the
> relays you plan to use, so that no relay (or ISP) can perform an
> undetected man-in-the-middle attack.
>
> https://www.torproject.org/docs/faq#KeyManagement
I still don't understand one step here
(https://www.torproject.org/docs/hidden-services.html.en)
why client cannot communicate with hidden service using "Introduction
points" but they try to establish connection using other machines
"rendezvous point".
If they switched some information thought one channel, why cannot they
communicate all the time ?
Thank you for help
More information about the tor-talk
mailing list