[tor-bugs] #25066 [Core Tor/Tor]: Rendezvous points should return signed proof of the established rend point
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 10 17:50:23 UTC 2019
#25066: Rendezvous points should return signed proof of the established rend point
-------------------------------------------------+-------------------------
Reporter: arma | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: needs-proposal, | Actual Points:
034-triage-20180328, 034-removed-20180328 |
Parent ID: #29999 | Points: 15
Reviewer: | Sponsor:
| Sponsor27-can
-------------------------------------------------+-------------------------
Comment (by cypherbits):
Replying to [comment:10 arma]:
> To set expectations here: I think adding a proof-of-rendezvous-point to
the design is a wild and crazy idea. It would be great to have a simpler
and cleaner idea that helps solve the problem instead.
>
The goal is to check the client actually established the rend point
circuit... the only idea I have in mind is that the rend point signs the
cookie. It should not be that expensive.
Now, that would be if it is the Hidden Service verifying the signature,
but, what if we want it to be the Intro Point? Where to do the verify
process?
I will make a proposal but before that I will have to analyze everything I
can to choose where.
> (And to respond to cypherbits's point, yes it can potentially help with
future DoS issues, but we should also remember that it would not help with
the current DoS issues, because as far as I know they really are
establishing rendezvous points and otherwise following the protocol.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25066#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list