Hiya!

> On Dec 5, 2015, at 03:44, John Levine <jo...@taugh.com> wrote:
> 
> With onion you get a rather different thing that looks like an open
> TCP connection, a couple of levels up the protocol stack.  So if the
> theory is that these special names are doing a protocol switch, it's
> not one switch, it's potentially a switch per name.  I suppose you
> could say there's yet another switch for test, example, and invalid
> that returns failure at whatever level of the stack you try.

Strictly, an Onion address yields you a _real_ TCP connection to your SOCKS 
server, which tunnels that to the remote endpoint, connecting to a _real_ 
(though potentially synthesised) TCP Port Number at the server.

I find it simplest to think of Onion addresses as akin to using a SOCKS proxy 
to connect to an alternative Layer-3-address space, out on a VPN somewhere.

I find it hard to get particularly exercised about "Where does Tor sit in the 
7-Layer Model" when I haven't successfully yet answered that for SOCKS.  :-)

The Onion addresses aren't making a "protocol switch", they're merely 
constrained to TCP in the same way SOCKS is; and in much the same way that it 
is possible to ask a SOCKS proxy to connect you to 192.168.23.45 on port 22, it 
is equally possible to ask Tor to connect you to someonionaddress.onion on port 
22. Or 25, 80, 443, or whatever, so long as a listener has been configured on 
the other end.

    -a
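
The comparison in the message above, as an added example that is not part of the original email: the same SOCKS CONNECT request carries either the IP literal or the onion name, and only the address-type byte differs. It assumes SOCKS5 framing as defined in RFC 1928 (the message does not name a SOCKS version); the function names are hypothetical.

```python
import ipaddress
import struct

SOCKS_VERSION = 0x05   # SOCKS5 (assumption: the email only says "SOCKS")
CMD_CONNECT = 0x01
ATYP_IPV4 = 0x01       # 4-byte address follows
ATYP_DOMAIN = 0x03     # length-prefixed name follows, resolved by the proxy


def build_connect_request(host: str, port: int) -> bytes:
    """Encode a SOCKS5 CONNECT request (RFC 1928, section 4)."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    header = bytes([SOCKS_VERSION, CMD_CONNECT, 0x00])  # VER, CMD, RSV
    try:
        addr = bytes([ATYP_IPV4]) + ipaddress.IPv4Address(host).packed
    except ipaddress.AddressValueError:
        # Not an IPv4 literal: hand the name to the proxy unresolved, so a
        # .onion name never reaches the local DNS resolver.
        name = host.encode("ascii")
        if not 0 < len(name) <= 255:
            raise ValueError("domain name must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    return header + addr + struct.pack("!H", port)


def parse_connect_request(data: bytes):
    """Decode the request as the proxy sees it: (address type, host, port)."""
    if len(data) < 7:
        raise ValueError("request too short")
    ver, cmd, _rsv, atyp = data[:4]
    if ver != SOCKS_VERSION or cmd != CMD_CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    if atyp == ATYP_IPV4:
        host, rest = str(ipaddress.IPv4Address(data[4:8])), data[8:]
    elif atyp == ATYP_DOMAIN:
        n = data[4]
        host, rest = data[5:5 + n].decode("ascii"), data[5 + n:]
    else:
        raise ValueError("address type not handled in this example")
    if len(rest) != 2:
        raise ValueError("malformed port field")
    (port,) = struct.unpack("!H", rest)
    return atyp, host, port
```

In both cases the client's own TCP connection terminates at the SOCKS server; the destination, whether address or name, travels only inside this request.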


_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
