Tavin Cole <tcole at espnow.com> writes: > On Tue, Jan 22, 2002 at 02:22:07PM -0600, Edgar Friendly wrote: > > > Adding a reason code to the QRej is probably a good idea on general > > > principle. > > > > > For the purposes of debugging, it's fine, but I like the fact that now > > you can't use QRej responses to determine whether a node is part of a > > request chain. This level of uncertainty I find really useful in > > protecting anonymity. > > I don't follow your claim. If a node replies "QRej: route not found" > you know it hasn't seen the request before, but if it replies > "QRej: looped request" you know it has. > > So how does adding a reason code to QueryRejected compromise anonymity? > -tc > My argument was that now you just get back a generic "QRej", without a reason, you don't know which is the case. So an attacker can't use that information to determine the path of a request.
It doesn't "compromise anonymity", it just gives an attacker more information than I'd like them to have. Thelema -- E-mail: thelema314 at bigfoot.com Raabu and Piisu GPG 1024D/36352AAB fpr:756D F615 B4F3 BFFC 02C7 84B7 D8D7 6ECE 3635 2AAB _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
