[tor-bugs] #17178 [Core Tor/Tor]: Rendezvous Single Onion Services: One-Hop Intro Point and Rendezvous

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Sep 6 08:15:29 UTC 2016 

#17178: Rendezvous Single Onion Services: One-Hop Intro Point and Rendezvous
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  teor
     Type:  enhancement                          |         Status:
                                                 |  needs_revision
 Priority:  High                                 |      Milestone:  Tor:
                                                 |  0.2.9.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  rsos, tor-hs, TorCoreTeam201608,     |  Actual Points:  11.5
  TorCoreTeam201609, review-group-5, review-     |
  group-8                                        |
Parent ID:                                       |         Points:  6.5
 Reviewer:  dgoulet                              |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:76 nickm]:
 > Two more concerns that just occurred to me:
 >
 >   1. Should the 'poisoning' feature work in both directions?  It seems
 to me that the damage from accidentally making an anonymous hidden service
 non-anonymous would be much much greater than the danger of accidentally
 anonymizing something that you didn't mean to anonymize.

 So I think the design you're asking for is:
 * mark all anonymous services as anonymous,
 * mark all non-anonymous services as non-anonymous,
 * refuse to start if the current config is inconsistent with any of the
 services' previous usage,
 * and when there's no record of what the hidden service key has been used
 for:
   * assume it's been used for an anonymous service,
   * if we're in non-anonymous mode:
     * refuse to start, and
     * advise the user to use a newly created directory with a new key, or
     * provide a manual action ("create a file") that convinces tor that
 the key can be used for non-anonymous services.

 I guess I'll work on this tomorrow. I've pushed the remainder of the
 changes to feature-17178-v7.

 >   2. I anticipate that if all the options for making RSOS start with
 "OnionService" and all of the options for making anonymous onions services
 start with "HiddenService", then people will call RSOS "onion services"
 and continue to call anonymous onion services "hidden services." That's
 probably not what we had in mind.

 I believe dgoulet and asn plan to alias all existing HiddenService*
 options to OnionService*, and then change all the documentation. But
 they're waiting until prop224 merges.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17178#comment:79>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list