On 10/4/12, Eugen Leitl <eu...@leitl.org> wrote: > > I've had an IRC session with the designer of cjdns (on cjdns) > who made a few interesting points, and suggestions. Comments? > > Verbatim chat snip below. > > 18:03 <@cjd> if you took the components from cjdns, you could build a TOR > like protocol which used UDP if > possible and made connections much faster > 18:04 <+eleitl> I wonder why they didn't choose UDP
Presumably because TCP was easier. > 18:05 <@cjd> you need to fall back on tcp in case you're firewalled to hell > 18:05 <+eleitl> Apparently, they're thinking about it > > https://blog.torproject.org/blog/moving-tor-datagram-transport Yes. TCP was a bad choice for Tor. > 18:06 <@cjd> problem with tor is (correct me if I) > 18:06 <@cjd> 'm wrong) > 18:06 <@cjd> the directory is signed by the tor foundation > 18:07 <@cjd> so they can sign a fake directory and run a bunch of directory > servers and when Alice connects to > their directory server, they give her a bunch of fake nodes The v3 network consensus document must be signed by a majority of the (currently nine) directory authorities' signing keys. None of the directory authorities are operated by Tor Project, Inc.. > 18:07 <@cjd> run their own botnet with fake tor nodes so your circuit is > always owned TPI does not have the expertise needed to run a botnet for this purpose. > 18:07 <+eleitl> I don't really know for sure, but there's intrinsic trust to > Tor developers, yes. > 18:08 <+eleitl> You can run your own Tor network, though. > 18:08 <+eleitl> Some botnets do that. Interesting. Do you have a reference describing one of these botnets? > 18:08 <@cjd> I trust them to make the software right, esp. since I could > check if they did. > 18:09 <@cjd> But a little arm twisting can change someone's motives pretty > fast. > 18:09 <+eleitl> Maintaining signing secrets is a problem. > 18:09 <+eleitl> They should have used a P2P design. Do you have a ‘P2P design’ for Tor which doesn't rely on trusted parties ‘maintaining signing secrets’ and which isn't broken? (Hint: No, you don't.) Do you have any ‘P2P design’ for Tor at all which isn't broken? > 18:10 <@cjd> If someone (with government hat?) tells you they can make your > life hell... I wouldn't fault them > for doing what the man says. > 18:10 <@cjd> *wouldn't fault you > 18:10 <+eleitl> I'll try bugging some Tor developers about that scenario, > and see how they squirm. > 18:11 <+eleitl> Also, the UDP connection thing. > 18:11 <@cjd> You can "stack" your circuit setup packets if you're using UDP > 18:11 <@cjd> stack -> all headers in the same packet > 18:12 <@cjd> cjdns does the same thing If this refers to including the circuit-extension packet which caused a relay to open an OR connection in the first UDP packet that it sends in order to open that connection, I agree that that would be a good thing to do, although mostly for reasons that cjd isn't mentioning. If this refers to setting up a complete three-node Tor circuit with only one outgoing packet sent by the client, that can be implemented without a UDP-based transport (and early versions of Tor did implement it). Robert Ransom _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
