Mitar wrote:
> Hi!
>
> On Fri, Feb 13, 2009 at 12:55 PM, Scott Bennett <[email protected]> wrote:
>> By reinventing TCP within tor, the proponent(s) believe they can achieve
>> better overall performance, even though they lose the basic operating-system
>> level of support for reliable delivery in the process and I think they lose
>> one layer of encryption, as well.
>
> I would go with this question further: why reinventing TCP over UDP
> again in general? General solutions and implementations for that
> already exist. For example, Tor could just simply add another layer
> with OpenVPN (or just OpenVPN based) system.
>
> One hackish, to show my idea, solution could be to build first a world
> wide VPN network based on OpenVPN with internal IPs, each Tor node
> would get one. Modify Tor nodes to open a new TCP circuit (even if it
> already exists) with a target node for every data stream. And this is
> it. Data streams would not be multiplexed in one TCP session (hm, does
> this decrease security?) so if one TCP stream has packet loss this
> will not influence other, and rebuilding a TCP connection from UDP
> packets would be done by OpenVPN.
>
(snip)

If I understand this correctly, node-to-node transmission would still be adding another layer of TCP sequencing to any underlying TCP connection sent into the network on the client end; however, that new TCP sequence wouldn't be "in the clear" as it previously was, but would be encapsulated courtesy OpenVPN's UDP engine. It's still there, however.

Ideally, node-to-node transmission would *not* add another TCP sequencing layer; any TCP-based protocol which wants to use the network, would do its own housekeeping. The overlay network shouldn't do any sequencing of its own.

(I'm going to have to look more into this SCTP stuff, by the way; I don't know much about it, and it sounds interesting.)

--
F. Fox
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
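The multiplexing point raised in the quoted text (streams sharing one TCP session all wait on a single lost packet, while per-stream connections isolate the loss), as an added example that is not part of the original thread. It is a toy in-order-delivery model; the latency, retransmission delay and cell schedule are constructed values, and the function name is hypothetical.

```python
LATENCY_MS = 50   # one-way link delay (constructed value)
RTO_MS = 200      # extra delay when a cell has to be retransmitted (constructed value)


def added_delay(cells, lost, shared):
    """Total extra delay per stream caused by reliable in-order delivery.

    cells  -- list of (send_time_ms, stream_id) in send order
    lost   -- set of indexes into cells whose first transmission is lost
    shared -- True: all streams share one in-order connection (multiplexed);
              False: every stream has its own connection
    """
    last_delivered = {}   # connection -> time the previous cell was handed up
    totals = {}
    for i, (sent, stream) in enumerate(cells):
        arrival = sent + LATENCY_MS + (RTO_MS if i in lost else 0)
        conn = "shared" if shared else stream
        # An in-order transport cannot deliver past a gap: a cell that has
        # already arrived still waits for every earlier cell on its connection.
        delivered = max(arrival, last_delivered.get(conn, 0))
        last_delivered[conn] = delivered
        ideal = sent + LATENCY_MS
        totals[stream] = totals.get(stream, 0) + (delivered - ideal)
    return totals


# Constructed schedule: streams A, B, C send round-robin, one cell every 10 ms.
CELLS = [(i * 10, "ABC"[i % 3]) for i in range(12)]
LOST = {3}   # a single cell of stream A is lost once

if __name__ == "__main__":
    print("multiplexed:", added_delay(CELLS, LOST, shared=True))
    print("per-stream: ", added_delay(CELLS, LOST, shared=False))
```

In this model the lost stream pays the same penalty either way; the difference is that multiplexing spreads nearly the same stall onto the two streams that lost nothing.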

