Hi! Am 13.11.2015 um 23:20 schrieb Christoph Anton Mitterer: > Hey. > > Sorry to "complain"... but I don't quite get the rationale behind that > hidden service thingy for our key servers - at least not as it's seemed > to be deployed right now.
I would imagine not leaving the tor network through an exit is the benefit. Why does facebook run a Hidden Service [0]? There where some thoughts one could create a profile by just looking at the metadata (from keyserver operator or eavesdropper on the line) while key-refresh request from a given peer. Thats why tools like parcimonie [1a/b] where developed. Those use a new circuit for every single key-refresh. Hendrik [0] https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs [1a] https://github.com/EtiennePerot/parcimonie.sh [1b]https://code.openhub.net/file?fid=BbMaEKchr9cDAOVs8ozX5mJ40g8&cid=RfbvTf3fwdw&fp=405976&mp&projSelected=true#L0 -- _____________________________________________________________________ Hendrik Grewe hendrik.gr...@tu-dortmund.de Public PGP-Key http://mypgpkey.b4ckbone.org PGP-Fingerprint B8D6 0D8C F5A9 410A 8077 66AE CF08 65D2 0A09 6F7B PGP-encrypted mails are welcome! _____________________________________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel