#17945: Stop Tor2Web connecting to (Rendezvous) Single Onion Services -------------------------------------------------+------------------------- Reporter: teor | Owner: (none) Type: enhancement | Status: new Priority: Medium | Milestone: Tor: | 0.3.3.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: tor2web, tor-hs, 029-proposed, 029 | Actual Points: -teor-no, needs-design, needs-proposal-maybe, | single-onion | Parent ID: #24962 | Points: 5 Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by teor): Replying to [comment:38 asn]: > Sorry for being pessimistic here, but do we think this is really worth the effort? > > IIUC this ticket is meant to protect tor2web clients who connect to single onions. No, it's meant to protect relays from knowing both client and service IP addresses. And it's meant to protect relays from being turned into single- hop proxies. It's like the single-hop exit ban. > Do we think there are actual tor2web clients who care to be protected? My understanding is that all tor2web clients are just `onion.to`-type of services and I bet they don't care about their anonymity. Some of them are automated hidden service scanners, too. > If an actual person went through all the effort to compile their Tor into tor2web mode and then configured their browser to use that, I bet they kinda know what's going on. What's the class of people we are trying to protect here, and is it worth going through all that effort? Relay operators from attacks or legal threats, and relays from DDoS or overload. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17945#comment:39> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs