#17945: Stop Tor2Web connecting to (Rendezvous) Single Onion Services
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  (none)
     Type:  enhancement                          |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.3.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor2web, tor-hs, 029-proposed, 029   |  Actual Points:
  -teor-no, needs-design, needs-proposal-maybe,  |
  single-onion                                   |
Parent ID:  #24962                               |         Points:  5
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by asn):

 Sorry for being pessimistic here, but do we think this is really worth the
 effort?

 IIUC this ticket is meant to protect tor2web clients who connect to single
 onions. Do we think there are actual tor2web clients who care to be
 protected? My understanding is that all tor2web clients are just
 `onion.to`-type of services and I bet they don't care about their
 anonymity. If an actual person went through all the effort to compile
 their Tor into tor2web mode and then configured their browser to use that,
 I bet they kinda know what's going on. What's the class of people we are
 trying to protect here, and is it worth going through all that effort?

 Or are we doing just that to demotivate attackers from camping into RPs?
 What kind of attackers would do that if they understood the above?

 Sorry if I'm misunderstanding something but the top-post is quite vague in
 its attacks description, so I'm not sure I'm up to date here. Thanks!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17945#comment:38>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Reply via email to