Hi, [email protected] wrote (01 Jul 2011 17:09:38 GMT) :
> Tor could actually solve a lot of problems here, I agree. Another > thing is, the hidden server address of your server is a hash of your > routing/crypto key, and so it could partially solve the initial > contact routing problem. I very much like the idea of using and providing services hosted on a FreedomBox reachable through a Tor hidden service, but I'm not sure this hash would be a strong enough identifier to solve the problem you're talking of. Excerpt from address-spec.txt in the torspec Git repository¹: SYNTAX: [digest].onion The digest is the first eighty bits of a SHA1 hash of the identity key for a hidden service, encoded in base32. I've been told these 80 bits are not that much; I've been told it not that hard to generate a key pair for a Tor hidden service so that it matches a given arbitrary .onion name; I seem to remember I've even seen published software (called Shallot IIRC) that renders the whole process easy and doable on commodity hardware. To be confirmed by actual testing and/or cryptography knowledge. If it's confirmed this identifier is not enough, it does not mean at all that Tor hidden services should be disregarded, but merely that they do not offer, for free, the added benefit of solving a great part of the "service name <-> communication public key" verification problem. 1. git://git.torproject.org/torspec.git Bye, -- intrigeri <[email protected]> | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc | Do not be trapped by the need to achieve anything. | This way, you achieve everything. _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
