On 09/11/14 12:50, George Kadianakis wrote:
Hidden Service authorization is a pretty obscure feature of HSes, that
can be quite useful for small-to-medium HSes.
Basically, it allows client access control during the introduction
step. If the client doesn't prove itself, the Hidden Service
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 09/11/14 12:50, George Kadianakis wrote:
I suspect that HS authorization is very rare in the current
network, and if we believe it's a useful tool, it might be
worthwhile to make it more useable by people.
For what it's worth, the reason I
It is verifiable. In authenticated hidden services, the introduction
points are first encrypted and then base64 encoded. So a simple test is:
When base64 decoded, is the MSB bit set on any bytes ? If yes, then it's
probably authenticated, otherwise not.
Note, you can use the Tor research
On Sun, Nov 9, 2014, at 07:50 AM, George Kadianakis wrote:
Hidden Service authorization is a pretty obscure feature of HSes, that
can be quite useful for small-to-medium HSes.
...
For example, it would be interesting if TBB would allow people to
input a password/pubkey upon visiting a
Hidden Service authorization is a pretty obscure feature of HSes, that
can be quite useful for small-to-medium HSes.
Basically, it allows client access control during the introduction
step. If the client doesn't prove itself, the Hidden Service will not
poroceed to the rendezvous step.
This
So most of my work over the next three days is writing and editing
documentation on hidden services.
I'm in Boston and the purpose of this trip is to rewrite existing documentation
to be more useful, but with authenticated hidden services, what's available is
extremely sparse. GlobaLeaks and
On Sun, Nov 09, 2014 at 12:50:00PM +, George Kadianakis wrote:
I suspect that HS authorization is very rare in the current network,
and if we believe it's a useful tool, it might be worthwhile to make
it more useable by people.
Yes, HS authoritzation is rare. It's rare enough that it was
On Sun, 9 Nov 2014 16:19:24 +
Andrea Shepard and...@torproject.org wrote:
How would Tor Browser learn about this reason for not being able to
connect/ tell Tor the authentication info? This is starting to sound
like wanting SOCKS5 extensions to indicate different causes for
connection
SecureDrop (and former Firefox) dev here. A few months ago I started
working on a patch to support prompting users for an authenticated
hidden service cookie in the manner of HTTP Basic Auth. [0] We require
journalists who use SecureDrop to download submissions from an
authenticated Tor hidden
I'm probably missing significant Tor development history here, but section
5.2 of the tor design paper
http://www.onion-router.net/Publications/tor-design.pdf mentions using
the domain format x.y.onion where x is used for authorization and y.onion
is used for actual the actual addressing. I'm not
In the future Next Generation Hidden Services specification there
are again two ways to do authorization:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt#l1446
One way is with a password and the other is with a public key.
A {shared secret,key} and a user
On 11/9/14 8:58 PM, Jacob Appelbaum wrote:
For example, it would be interesting if TBB would allow people to
input a password/pubkey upon visiting a protected HS. Protected HSes
can be recognized by looking at the authentication-required field of
the HS descriptor. Typing your password on the
On Sun, Nov 9, 2014 at 3:30 PM, Fabio Pietrosanti - lists
li...@infosecurity.ch wrote:
On 11/9/14 8:58 PM, Jacob Appelbaum wrote:
For example, it would be interesting if TBB would allow people to
input a password/pubkey upon visiting a protected HS. Protected HSes
can be recognized by looking
On 2014-11-09 15:30, Fabio Pietrosanti - lists wrote:
On 11/9/14 8:58 PM, Jacob Appelbaum wrote:
For example, it would be interesting if TBB would allow people to
input a password/pubkey upon visiting a protected HS. Protected HSes
can be recognized by looking at the authentication-required
On Sun, Nov 09, 2014 at 09:16:40PM -0500, Griffin Boyce wrote:
On 2014-11-09 15:30, Fabio Pietrosanti - lists wrote:
On 11/9/14 8:58 PM, Jacob Appelbaum wrote:
For example, it would be interesting if TBB would allow people to
input a password/pubkey upon visiting a protected HS. Protected HSes
15 matches
Mail list logo