#4700: Tor should provide a mechanism for hidden services to differentiate authorized clients and circuits -------------------------------------------------+------------------------- Reporter: katmagic | Owner: (none) Type: enhancement | Status: | needs_revision Priority: Medium | Milestone: Tor: | 0.3.5.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: tor-control, needs-proposal, tor- | Actual Points: hs, needs-design, 035-roadmap-master | Parent ID: | Points: 10 Reviewer: dgoulet | Sponsor: -------------------------------------------------+------------------------- Changes (by nickm):
* status: merge_ready => needs_revision Comment: Hi! This patch looks good. Three things I think we should do here: * I think that the configuration option should accept "none" in addition to "haproxy". * We should link to the spec for this protocol, in the code and in the manual, and explain which version we support. * Are we exposing the 'global_identifier' field for an important reason, or is it just important that we expose _some_ unique value? If it's the latter case, instead of putting the 'global_identifier' into the IPv6 address and source port directly, I think we should hash them first, possibly with siphash. It's not that these values are very sensitive, but I don't want anybody depending on the actual global_identifier layouts from Tor unless we're exposing them intentionally. (But if we are exposing them intentionally, we should document that.) One thing for the future, or maybe I don't understand this: * Is there some intended way for programs to tell whether a user's circuit is authenticated, and if so to which user? -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4700#comment:29> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs