[tor-bugs] #30558 [Applications/Tor Browser]: Namecoin support for onion sites in Tor Browser
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 21 16:46:56 UTC 2019
#30558: Namecoin support for onion sites in Tor Browser
------------------------------------------+------------------------
Reporter: arthuredelstein | Owner: JeremyRand
Type: defect | Status: assigned
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID: #30029
Points: | Reviewer:
Sponsor: |
------------------------------------------+------------------------
**The problem**
Onion domains are generally almost impossible for humans to remember.
Specifically, they are very long and consist of a series of random
characters.
v2 domains look like this:
* https://www.propub3r6espa33w.onion/
and v3 domains look like this:
* http://vww6ybal4bd7szmgncyruucpgfkqahzddi37ktceo3ah7ngmcopnpyyd.onion
So, while onion domains are secure and decentralized, they are not human-
meaningful, and thus fail to satisfy all three desired properties
described in [https://en.wikipedia.org/wiki/Zooko%27s_triangle Zooko's
triangle].
**Proposed solution**
Namecoin offers a solution for Zooko's triangle. Domains are registered in
a decentralized manner, can be remembered by humans, and are secure. A
Namecoin (.bit) domain looks like this:
* http://federalistpapers.bit
The .bit domains can be pointed to a unique .onion domain. So the user
needs only to enter http://federalistpapers.bit and they will be taken to
the appropriate onion site (in this case,
http://7fa6xlti5joarlmkuhjaifa47ukgcwz6tfndgax45ocyn4rixm632jid.onion)
The task consists of writing patches for Tor Browser that integrates a
Namecoin lookup client, such that when a user enters a .bit domain name
the browser is connected to the underlying .onion site. In the address
bar, the entered address including a .bit domain will continue to be
shown, and the .onion domain will be indicated on the circuit display.
Initially, the patches can be integrated into Tor Browser Nightly. If
testing is successful, I hope it could progress to Tor Browser alpha and
eventually stable.
** Comparison to other approaches **
There are several promising approaches to allowing human-meaningful
aliases to onion sites. However, they don't fully solve Zooko's triangle:
* HTTPS Everywhere: Aliases are under central control by the addon
maintainer.
* Bookmarks/Petnames: Aliases are not global.
* Alt-Svc/Onion-Location: Aliases require first connecting through a
centralized ICANN domain.
I think Namecoin is especially promising because it can be globally
registered and maintained securely by the onion site operator, without any
centralized permission. Thus the properties of security and
decentralization offered by .onion domains are shared by .bit domains.
There are some challenges:
* Historically, Namecoin lookup has been slow and required cumbersome
downloads. Jeremy has made major progress in reducing the footprint.
* Registering a Namecoin domain requires downloading specialized software
and is not anonymous without special precautions. Future work (out of
scope here) could include building documentation and/or software tools to
allow onion operators to easily and anonymously register a .bit domain and
point it to a .onion domain.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30558>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list