Michael Rogers: > On 01/07/13 01:55, Jacob Appelbaum wrote: >> It is also why we have multiple implementations as well. There is a >> Java version of Tor that is nearly ready for release and it will >> solve a number of the C implementation concerns and exchange them >> for Java related concerns. There are a few other Tor >> implementations in the wild, each serving an interesting subset of >> users. Diversity is important. > > This is great news! Has someone brought one of the existing Java > implementations up to speed with the C implementation, or is there a > new one in the works?
I've cc'ed the author - he can answer your questions, I suspect. I believe the latest java version of JTor is located here: https://github.com/brl/JTor I think it will be renamed soon. > >> I feel OK about not having another layer of crypto on top of a Tor >> HS but in your protocol's case, I'd encourage you to use Stealth >> Hidden Services - so at least then the only people connecting are >> the ones who are cryptographically authenticated in some manner. > > Are there any docs on running a stealth hidden service? Yeah, of course: HiddenServiceAuthorizeClient auth-type client-name,client-name,... If configured, the hidden service is accessible for authorized clients only. The auth-type can either be 'basic' for a general-purpose authorization protocol or 'stealth' for a less scalable protocol that also hides service activity from unauthorized clients. Only clients that are listed here are authorized to access the hidden service. Valid client names are 1 to 19 characters long and only use characters in A-Za-z0-9+-_ (no spaces). If this option is set, the hidden service is not accessible for clients without authorization any more. Generated authorization data can be found in the hostname file. Clients need to put this authorization data in their configuration file using HidServAuth. It isn't the easiest thing in the world to use for normal users but it does the trick. All the best, Jacob _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
